error illegal login attempt in IDM Login Page when status requires password change
search cancel

error illegal login attempt in IDM Login Page when status requires password change

book

Article ID: 247495

calendar_today

Updated On:

Products

CA Identity Manager

Issue/Introduction

We are getting below error while users are login into the IDM. If the user status is set to '0', then the user doesn't have any issues. But if the user status is set to 16777216 then we are facing the below issue. Users are not able to login with the status of 16777216.

Page cannot be found. Please check the URL. (/iam/im/widgetcopub/ui7/)

Url:-

https://iamuatint.widgitco.com/iam/im/XXXXX/ui7/index.jsp?task.tag=XXXXXX&SMENC=UTF-8&SMTOKEN=-SM-%7bRC2%7dKGO9uLgcJ1gXuP2h2NXQr6ui5HDJgnOVEYnS7ke5L2MaMHqSACgCw7po9j3IWKVrZZ1FqVMhytVY3YKf9pNRQNF3l70qTg20oP1qkGAe1ds%3d&USERNAME=user1test&SMAUTHREASON=20&SMAGENTNAME=rvSDXrMJHrHjwCMIUak0x8vOUlDowK3T1XJqorK7hkKskqvj0tZaMRuKLJfw54Tg&TARGET=-SM-http%3a%2f%2fiamuatint%2ecitco%2ecom%2fiam%2fim%2fcitco%2f

 

 

 

Environment

IDM is integrated with SSO/SiteMinder.

Cause

It's not just users with "password must change" set in their account status that have the problem. Actually, none of the public Identity Manager tasks are able to accept the SMSESSION from SiteMinder/SSO.

Resolution

Resolved by setting FrameworkAuthFilter = False in web.xml.

  • Navigate to 
    iam_im.ear/user_console.war/WEB-INF
     and open 
    web.xml
     for editing.
  • Locate the FrameworkAuthFilter and switch the value of the Enable init-param to false.