PAM HTML Web SSO auto login failed for Web Portal access when specified Launch URL is redirected
Article ID: 107054
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
A Web Portal type TCP/UDP Service has been configured using HTML WebSSO Auto Login. When trying to access the Web Portal this error is received:
Example Error Screenshot:
"Auto login timeout expired, possibly due to wrong credentials. Please contact your administrator."
This error may be accompanied by the following error message:
"Web portal connection to '<Service Name>' failed. Network mount for session recording unavailable."
Other Symptoms:
- The account credentials have been confirmed correct
- The Learn procedure has been followed and completed successfully
- After disabling Auto-login, it is possible to login using PAM's Web Portal by entering the credentials manually
- When accessing the link configured under the Launch URL of the TCP/UDP Service from a web browser it can be noted that the link URL is changed when the login page is displayed
Example Error Screenshot:
<Please see attached file for image>
Environment
PAM 3.x
Cause
HTML Web SSO Auto Login failed because specified Launch URL is redirected. The Web Portal auto login functionality expects to be able to login to the URL configured and is not designed to handle redirects.
For example:
In the sample TCP/UDP Service for TIBCO ActiveMatrix Web Portal from the screenshot above, the following Launch URL is configured:
For example:
In the sample TCP/UDP Service for TIBCO ActiveMatrix Web Portal from the screenshot above, the following Launch URL is configured:
http://<Local IP>:8120/amxadministrator/viewstatus.jsp
However, when visiting that link in a web browser it is immediately redirected to:
http://<Local IP>:8120/amxadministrator/loginForm.jsp
Resolution
Change the TCP/UDP Service setup to use a Launch URL that is not redirected.
Continuing with the examples above; "http://<Local IP>:8120/amxadministrator/loginForm.jsp" would be the correct link to use under Launch URL.
Continuing with the examples above; "http://<Local IP>:8120/amxadministrator/loginForm.jsp" would be the correct link to use under Launch URL.
Additional Information
Refer to Configure Automatic Login to Web Portals online documentation for more information.
Attachments
Feedback
Yes
No
Powered by
