|
|
|
User is granted access to a resource without being challenged or receives an HTTP 403: Forbidden Error without being challenged.
|
Log Message |
Possible Cause |
Proposed Solution |
|---|---|---|
|
SiteMinder JACC Provider logs indicate that resource is not protected. |
The resource might not be protected by the SiteMinder JACC Provider if the request contains query data and the IgnoreQueryData Agent configuration parameter is set to NO. |
Create a policy protecting the resource and the query data in SiteMinder Policy Server or change the value of the IgnoreQueryData Agent configuration parameter to yes for the SiteMinder JACC Provider. |
|
Check SiteMinder JACC Provider and SiteMinder TAI logs. |
SiteMinder JACC Provider ignores the request. |
Check if the extension for the requested resource is configured in IgnoreEXt parameter. If it is, remove it. |
|
The final resource being accessed might be accessed using forward or include (that is, server side redirect); the SiteMinder Agent ignores these requests. |
||
|
Check SiteMinder JACC Provider and SiteMinder TAI logs. |
IgnoreQueryData Agent configuration parameter is set to YES for SiteMinder JACC Provider but IgnoreQueryData is set to NO for the SiteMinder TAI If a request contains query data and SiteMinder JACC Provider is configured to ignore the query data, it considers the resource protected and the request is redirected to the SiteMinder TAI. The SiteMinder TAI is configured not to ignore the query data and thus considers the resource not protected and does not create SiteMinder Principal object. The JACC then denies the user access to the resource.
|
Configure matching values for the IgnoreQueryData Agent configuration parameter for the SiteMinder TAI and SiteMinder JACC Provider.
|
| Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |