Authentication Error with FCCs if Passwords Contain Special Characters

Symptom:

If passwords contain special characters (such as $, +, %), users cannot authenticate with an FCC.

The following messages appear in my SiteMinder log files:

[User 'user_id' is not authenticated by Policy Server.]

Status: Error 49. 8009030C: LdapErr: DSID-0C0904D1, comment: AcceptSecurityContext error,

[SmDsLdapProvider.cpp:3001] [ldap_get_lderrno returns: 8009030C: LdapErr: DSID-0C0904D1, comment: AcceptSecurityContext error,

Solution:

Verify that the name of the PASSWORD attribute in your login.fcc file uses uppercase, as shown in the following examples:

<input type="password" name="PASSWORD" size="30" style="margin-left: 1px">
@password=PASSWORD=%PASSWORD%&newattr1=%newattr1%&newattr2=%newattr2%

Symptom:

I use a firewall between my agent and Policy Server. Sometimes the agent returns a 500 error when I try to access a page.

Solution:

Enable Keepalives on the agent by doing the following steps:

Locate the following environment variable on the computer hosting the web agent:
```
 SM_ENABLE_TCP_KEEPALIVE
```
Set the value of the previous environment variable to 1.

Symptom:

When a user is redirected to another page for one of the following reasons, content in the resulting page is not rendered properly.

Solution:

Add the following line to the http.conf file of your Apache web server:

“BrowserMatch ".*" suppress-error-charset”

Save the http.conf file and restart your web server for this setting to take effect.