Hi Team,

I have a issue here with one of you reverse proxy.

History: one of our application is integrated into NAM 4.1 Appliance
using reverse proxy solution and UA is referenced in to that
application. Our environment have four servers (AG and IDP) installed
and divided into two data center.

Browser detail: Issue is occurring in IE11 only, chrome end up giving
error viz. too many redirection, however it work fine in Firefox and

-ISSUE: WHEN USER LOGGED INTO APPLICATION AND AUTHENTICATED. AFTER THAT
WHEN USER HIT THE UA REFERENCE THEN IT SHOWS ERROR [UNABLE TO
AUTHENTICATE (ESP-XXXXXXXXXXXXX)]. HOWEVER, WHEN USER FIRST LOGGED INTO
UA AND THEN TRYING TO ACCESS APPLICATION SSO WORK VERY FINE.
I SEE BELOW ERRORS INTO AG LOGS IN THE FAIL SCENARIO. THE SAME ERROR
SHOWN IN ALL THE SERVER AG LOG RESPECTIVE SERVERS.-

JUN 29 15:05:33 <SERVER NAME 3RD> HTTPD[16473]: [ERROR]
AMEVENTID#102279007: FAILED TO CONNECT TO WEBSERVER, REFERER:
HTTPS://<NIDP URL>:8443/NIDP/IDFF/SSO?ID=<CONTARCT
ID>&SID=0&OPTION=CREDENTIAL&SID=0&TARGET=HTTPS://EXAMPLE.COM/
JUN 29 15:39:13 <SERVER NAME 3RD> HTTPD[16473]: [ERROR] (70007)THE
TIMEOUT SPECIFIED HAS EXPIRED: AMEVENTID#102355199: PROXY: ERROR READING
STATUS LINE FROM REMOTE SERVER <WEB SERVER IP>:80, REFERER:
HTTPS://EXAMPLE.COM/APPS/<APPLICATION PATH>FORM1?READFORM

what I observe is that in the fail scenario when user trying to access
UA from application it go to third AG but fail to consume the
authentication.

Please help to get fix this issue.

Regards


--
sumitlal
------------------------------------------------------------------------
sumitlal's Profile: https://forums.netiq.com/member.php?userid=8930
View this thread: https://forums.netiq.com/showthread.php?t=56157