PAM HTML Web SSO auto login failed for Web Portal access when specified Launch URL is redirected
Article ID: 107054
Updated On: 07-29-2024
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
A Web Portal type TCP/UDP Service has been configured using HTML WebSSO Auto Login. When trying to access the Web Portal this error is received:
"Auto login timeout expired, possibly due to wrong credentials. Please contact your administrator."
This error may be accompanied by the following error message:
"Web portal connection to '<Service Name>' failed. Network mount for session recording unavailable."
Other Symptoms:
- The account credentials have been confirmed correct
- The Learn procedure has been followed and completed successfully
- After disabling Auto-login, it is possible to login using PAM's Web Portal by entering the credentials manually
- When accessing the link configured under the Launch URL of the TCP/UDP Service from a web browser it can be noted that the link URL is changed when the login page is displayed
Environment
PAM 4.x
Cause
HTML Web SSO Auto Login failed because specified Launch URL is redirected. The Web Portal auto login functionality expects to be able to login to the URL configured and is not designed to handle redirects.
For example:
Lets take that the following Launch URL is configured:
http://<Local IP>:8120/page/viewstatus.jsp
However, when visiting that link in a web browser it is immediately redirected to:
http://<Local IP>:8120/page/loginForm.jsp
Resolution
Change the TCP/UDP Service setup to use a Launch URL that is not redirected.
Continuing with the examples above; "http://<Local IP>:8120/page/loginForm.jsp" would be the correct link to use under Launch URL.
Attachments
Feedback
Yes
No
Powered by
