forceAuth=True URL option on Identity Server fails to trigger a user re-authentication request after upgrading from 3.1 to 3.2

  • 7012137
  • 12-Apr-2013
  • 16-Jul-2013

Environment

NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Support Pack 1 applied
Password Management Servlets redirect to Identity Server after changing password with forceAuth=true

Situation

Access Manager 3.1.4 is set up and working fine. Password Management applications are accelerated by the Access Gateway so that users can manage and change their passwords. In cases where passwords are changed, the applications redirect the users back to the Identity Server login page (/nidp/app/login) with the parameter 'forceAuth=true'. This prompts the user to re-authenticate even though the user's session to the Identity Server is actually valid.

After upgrading to 3.2, the same operation does NOT prompt the user to log in again. Instead, it simply renders the Identity Server portal page, stating that the user's session is active for X minutes (where X is the session timeout).

Resolution

Apply the 3.2 Support Pack 2 update.

Note that forceAuth=true is case sensitive.