HTTP Error 500 when accessing html page during Integrated Windows Authentication Scheme setup.

book

Article ID: 51368

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

When implementing the IWA (Integrated Windows Authentication) Scheme for Windows based login access to web pages protected by Siteminder you receive an HTTP error of 500 after the IWA scheme is completed on the SMWAMUI side. Below is the log reference and the steps to successfully complete the full scheme. The information is based on using Internet Information Services v7.0.

Solution:

After you have configured the Siteminder Web Agent for trace logging you will see the following error in the trace during the IsProtected stage of the login process.

[CSmHttpPlugin::ProcessResponses][Processing IsProtected responses.][GET][][/protected-web-page-start.html]
[AuthenticateUser][User 'NT AUTHORITY\IUSR' is not authenticated by Policy Server.][GET][][/protected-web-page-start.html]
  • The result is an HTTP 500 error from the Browser window.

Please complete the following steps from the Internet Information Services Manager (v7.0).

  1. Expand WebServer hostname
  2. Expand Default Web Site
  3. Click on the NTLM virtual directory
  4. Double-Click the Authentication icon
  5. Disable Anonymous access
  6. Enable Windows Authentication
  7. Restart IIS

Note: This action does not have to be done from the root of the Default-Web-Site level.

As always, if you have any questions or concerns regarding the steps mentioned in this Technical document, please do not hesitate to open a case with CA support.

Environment

Release:
Component: SMIIS