HTTP 404 accessing the 'Logon.fcc'
search cancel

HTTP 404 accessing the 'Logon.fcc'

book

Article ID: 274587

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

 

REQUEST: GET http://server_name.domain_name.com/siteminderagent/forms/login.fcc

RESPONSE: HTTP 404 (File Not Found).

Environment

 

Product: Siteminder

Component: Web Agent

Version: ANY

Web Server: IIS

Web Server OS: Windows Server

Cause

NOTE:  This issue is specific to MS IIS

In IIS the Web Site is assigned to an Application Pool.  The Application Pool is configured with an 'Identity' (user), along with the Managed Pipeline Mode (i.e. Integrated or Classic), along with a number of other settings.  When 'ApplicationPoolIdentity' is configured as the identity of an App Pool, then IIS creates a 'built-in user' on the Local Windows Server.  An application pool named 'AppPool1' will create a built-in user account (IIS AppPool\DefaultAppPool).  This is the user context that the w3wp.exe process for IIS will run under.  Likewise, this is the same user that the web agents 'LLAWP.exe' process will also run under since it will be invoked as a child process of the parent 'w3wp.exe' process.

When an 'application' is created in IIS, it will inherit the identity of the web site it is created under.  However, the App Pool for the application can be changed.  

This HTTP 404 response can occur when being directed to the login.fcc under the following conditions:

  • The web site is configured to use an App Pool (AppPool1)
  • The application defined within that web site is configured to use a different App Pool (AppPool2)
  • AppPool1 is configured with (IIS AppPool\AppPool1) and in Integrated Pipeline mode
  • AppPool2 is configured with (IIS AppPool\AppPool2) and in Classic Pipeline mode.
  • The Siteminder Web Agent is configured to protect the URL of the application pool.

This configuration mismatch is causing an issue when the web browser is redirected to the web agent, which is installed under the web site (AppPool1) and the resource is running under AppPool2 with a different user a pipeline mode.

Resolution

 

The web site where the web agent is running and the application within that web site that is being protected by the Siteminder Agent need to match

 

OPTION #1: 

Configure the Application to use the same Application Pool as the Web Site

OPTION #2: 

Configure the Web Site to use the same Appliction Pool as the Application 

Powered by Wolken Software