Description:

By default when SecureUrls=YES, the webagent will reject any request to an FCC that does not have SMQUERYDATA in the query string, and will throw a HTTP 500 error.

However, a switch in smpwservices.fcc called @smpwselfchange will undo this requirement for the smpwservices.fcc, so that users can do User Initiated Password Change while having SecureUrls=YES.

Following error is logged in webagent trace log.

[CSmHttpPlugin::ProcessResource][Error. Unable to handle request in Secure Mode.]

Solution:

Set @smpwselfchange directive in smpwservices.fcc is (i.e.) @smpwselfchange=1 and SecureUrls=yes.

For E.g-
=======
Set the ACO parameter SecureUrls to "yes".
Open smpwservices.fcc and set @smpwselfchange=1

Open a browser and access the password services FCC with no SMQUERYDATA, but with SMAUTHREASON=34 (to mimic user initiated password change) such as:

http://myserver.xyz.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=34&TARGET=http://myserver.xyz.com/protectedpages/page1.html

The smpwservices.fcc with the template for User Initiated Password Change (username, old password, new password, confirm new password) will be shown.