ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Cannot create a connector between IM and IP

book

Article ID: 238949

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Portal CA Identity Suite

Issue/Introduction

Both CA Identity Manager (IM) and CA Identity Portal (IP) were running Jboss 6.4 with IM 14.3.  The integration between IM and IP was working as expected.

When the IM system was upgraded to Jboss 7.2 and IP remained on Jboss 6.4 (IP is only supported on Jboss 6.4 - See Platform support guide below), the integration fails with an error.

Error: Code: 5, Literal: UNSECURED_CONNECTION_NOT_PREMITTED, Message: Web service request cannot be performed over non-SSL

14.3 IM PSM (Platform Support Matrix)
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-3/platform-support-matrix/server-environments.html

14.3 IP PSM
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-portal/14-3/platform-support.html

Cause

This is NOT a CA Identity Manager (Symantec IGA) issue.  This problem is caused by the JBoss 7.2 transforming the https request to http after authenticating a user. It was due to a change in JBoss 7.2 code. 

Environment

Release : 14.3 CP2

Component : IdentityMinder(Identity Manager)

Resolution

To address this issue, edit the "standalone-full-ha.xml" file and in the line defining the ajp listener, set the scheme to https instead of http as below and restart JBoss.

<ajp-listener name="ajp" socket-binding="ajp" enabled="true" scheme="https"/>