Environment
Access Manager 4.0 SP1
Situation
An authorization policy is configured to deny access with a message, but instead of the deny message the client browser gets an HTTP 406 Not Acceptable error.
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<p>Additionally, a 406 Not Acceptable
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>
Resolution
Modify the application to accept text/html data, or use a redirect action instead of a deny message. The redirect could be to a page that has a similar deny message.
This has been reported to engineering.
Cause
Check the value of the Accept header being presented. The deny message currently only accepts the text/html content type. If the application's request header specifies something like
Accept: application/json
then a 406 error will be returned.
Future updates of the Access Manager authorization deny policies will support more content types.
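The check described under Cause, as an added example that is not part of the original article or of Access Manager: a Python function that reports whether a given Accept header admits text/html under standard HTTP media-range rules. The function names and sample headers are constructed for illustration, and that Access Manager evaluates wildcards and q-values the same way is an assumption.

```python
# Added example: does an Accept header admit text/html (standard HTTP rules)?
# Assumption: Access Manager treats wildcards and q-values as modelled here.
SPECIFICITY = {("text", "html"): 2, ("text", "*"): 1, ("*", "*"): 0}


def parse_accept(header):
    """Return a list of (type, subtype, q) tuples from an Accept header value."""
    ranges = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        media = parts[0].lower()
        if "/" not in media:
            continue  # skip malformed or empty entries
        mtype, subtype = media.split("/", 1)
        q = 1.0  # default weight when no q parameter is given
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0  # unparsable weight: treat as not acceptable
        ranges.append((mtype, subtype, q))
    return ranges


def accepts_text_html(header):
    """True if text/html is acceptable; a missing header accepts anything."""
    if header is None or not header.strip():
        return True
    best = None  # (specificity, q) of the most specific matching range
    for mtype, subtype, q in parse_accept(header):
        spec = SPECIFICITY.get((mtype, subtype))
        if spec is None:
            continue  # range does not cover text/html at all
        if best is None or spec > best[0]:
            best = (spec, q)
    return best is not None and best[1] > 0


# Constructed sample headers, not captured from a real client.
SAMPLES = ["application/json", "application/json, text/html;q=0.5",
           "application/json, */*;q=0.1", "*/*, text/html;q=0", None]

if __name__ == "__main__":
    for h in SAMPLES:
        ok = accepts_text_html(h)
        print(f"{h!r}: {'deny message can be served' if ok else 'expect 406'}")
```

A header for which the function returns False is one where the text/html deny message would not be acceptable to the client, matching the 406 case described above.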