CA Single Sign On Secure Proxy Server (SiteMinder)CA Single Sign On Agents (SiteMinder)CA Single Sign On Federation (SiteMinder)SITEMINDER
We have a peculiar issue where a OAuth request is failing on IE browser. Its throwing 403 request forbidden error when its calling postredirector.jsp page. The same request is working on Chrome. I don't find any meaningful entries in the logs either.
Component : SITEMINDER FEDERATION
IE was refusing to follow the 302 redirect to the Target destination due to IE's security settings and was instead replaying the request to the oauthtokenconsumer URL, resulting in a 403 error. Unfortunately, when IE exhibits such behavior due to security settings, it gives no indication that it received a redirect that it's refusing to follow.
Adding the Target destination to IE's list of Trusted Sites resolved the problem.