search cancel

Integrated Windows Authentication (IWA) auth scheme throws HTTP 500 error [00-0017] when TargetAsRelativeURI is checked.


Article ID: 51152


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



Webagent on Windows 2003 is honoring the ACO parameter "TargetAsRelativeURI" for NTLM authentication scheme. The target is fully qualified even when TargetAsRelativeURI is set to yes.

When the ACO parameter "TargetAsRelativeURI" is set to yes and the resource protected by IWA auth scheme is accessed from browser then, the webagent redirects to the .ntc [NTC credential collector] for authentication, but puts a FULLY QUALIFIED target on the query string. This causes the agent to reject the target and a 500 error [00-0017] is thrown.

Webagent trace log shows the following Error:
[Invalid Target found in the URL]


The actual working of webagent should be to redirect to the NTC for authentication, and put a RELATIVE target on the query string when ACO parameter "TargetAsRelativeURI" is set.

This issue has been fixed in webagent version 6.0-SP6 and R12-SP2-CR1.
Now webagent works correctly when ACO parameter "TargetAsRelativeURI" is set and IWA authentication is used.


Component: SMIIS