406 Not Acceptable message when Authorization policy has a deny message.

  • 7016033
  • 06-Jan-2015
  • 06-Jan-2015

Environment

Access Manager 4.0 SP1

Situation

An authorization policy is configured to deny access with a message, but instead of the deny message the client browser receives an HTML error page reporting 406 Not Acceptable:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested.  Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<p>Additionally, a 406 Not Acceptable
error was encountered while trying to use an ErrorDocument to handle the request.</p>
</body></html>
 

Resolution

Modify the application to accept text/html data, or use a redirect action instead of a deny message. The redirect could be to a page that has a similar deny message.
This has been reported to engineering.

Cause

Check the value of the Accept header that the client presents. The deny message currently supports only the text/html content type. If the application's request header specifies something like
Accept: application/json
then a 406 error will be returned.
Future updates of the Access Manager authorization deny policies will support more content types.