Problems to access Sentinel proctected by NAM after upgrading to version 8.2

  • 7023803
  • 02-Apr-2019
  • 02-Apr-2019


  • Access Manager 4.4
  • Sentinel 8.2


  • Sentinel 8.2 listening on port 8443
  • Access Manager 4.4 Access Gateway configured to protect the Sentinel 8.2 web service
  • Different URL / references are using the internal Hostname and Port instead of the public Hostname and Port exposed by the Access Gateway


Add the advanced Access Gateway Option: "RWOutboundHeaderQueryString on" to the proxy service protecting the Sentinel server. This will make sure that the rewriter process will parse the as well query parameters for any outgoing request and as well for the incoming location header on a HTTP 302 redirect


Sentinel uses a location header for a HTTP 302 redirect which includes URLs as query parameter. In the below case it s the "redirect_uri" parameter

HTTP/1.1 302 Found
Date: Tue, 26 Feb 2019 09:32:58 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Frame-Options: SAMEORIGIN
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Cache-Control: no-store
Content-Language: en-US
Set-Cookie: JSESSIONID=1v8mm579ablb38wqh52pj2zy7;Path=/sentinel;Secure;HttpOnly
Cache-Control: no-store
Cache-Control: no-cache
Via: 1.1 (Access Gateway-ag-AAAC28CD42E8B2C1-138534)
Content-Length: 0
Keep-Alive: timeout=300, max=98
Connection: Keep-Alive
Content-Type: text/html