Identity Servers
Server Name Type Version Linux + IR1-201

Access Gateways
Server Name Type Version Service Provider MAG Appliance 3.2.1-57 + IR1-201
+ IR1-201

We have a web application that is receiving a POST from a system on the
That system has a "client" certificate.

We are trying to set up X.509 Mutual authentication for that
communication. As it's no user we can't involve any
user interaction, and the other system doesn't allow for a redirection
(to the IDP url).

We have a user in LDAP (eDirectory) configured with mail address that
corresponds with the certificate Email.
That user has no password. And no Default Login Sequence set.

We have set up X509 classes, methods and contract according to
documentation and imported the right certificates
into the Trusted stores.

The LDAP connection is done by an admin with write rights to the LDAP

We tried to set the X509 Contract with Non-Redirected Login Enabled.

When we don't have the Non-Redirected Login enabled we get a 302 HTTP
When we have the Non-Redirected Login enabled we get a 401 HTTP error.

What can be wrong or how do we troubleshoot this best?

Please tell me if more information is needed.
Thank you!

AnetteLO's Profile: https://forums.netiq.com/member.php?userid=511
View this thread: https://forums.netiq.com/showthread.php?t=47063