Knowledge Doc: Non-idle / active user session with the Access Gateway expires on IDP after configured Contract Authentication Timeout


Summary
Non-idle / active user session with the Access Gateway expires on IDP after configured Contract Authentication Timeout

Products
Access Manager (NAM)

Environment
NetIQ Access Manager Version 4.5.6
NetIQ Access Manager Version 5.0.3

Situation
CSRFDetectionFilter has been enabled on all IDP cluster nodes in "/opt/novell/nids/lib/webapp/WEB-INF/web.xml", as shown below:
<filter>
    <filter-name>CSRFDetectionFilter</filter-name>
    <filter-class>com.novell.nidp.servlets.filters.csrf.CSRFDetectionFilter</filter-class>
    <description>This filter is used to detect CSRF attacks in NIDS, for an authenticated session</description>
    <init-param>
        <param-name>active</param-name>
        <param-value>true</param-value>
    </init-param>
    <init-param>
        <param-name>exclude</param-name>
        <param-value>metadata</param-value>
    </init-param>
    <init-param>
        <param-name>RefererWhitelist</param-name>
        <param-value></param-value>
    </init-param>
    <init-param>
        <param-name>RequestWhitelist</param-name>
        <param-value>GET</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CSRFDetectionFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
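
The situation depends on the same filter settings being present on every IDP cluster node. As an added example (not part of the knowledge document or of Access Manager), this Python script reads the CSRFDetectionFilter declaration from each node's web.xml text and lists the nodes whose settings differ from a reference node. The node names and the web-app wrapper are constructed for illustration, and it assumes each node's web.xml has already been collected.

```python
import xml.etree.ElementTree as ET

FILTER = "CSRFDetectionFilter"

def _local(tag):
    # Drop the "{namespace}" prefix ElementTree adds when web.xml declares xmlns.
    return tag.rsplit("}", 1)[-1]

def _text(parent, name):
    for child in parent:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None

def read_csrf_filter(web_xml):
    """Return (init_params, url_patterns); init_params is None if the filter is not declared."""
    params, patterns = None, []
    for elem in ET.fromstring(web_xml):
        if _text(elem, "filter-name") != FILTER:
            continue
        if _local(elem.tag) == "filter":
            params = {_text(p, "param-name"): _text(p, "param-value")
                      for p in elem if _local(p.tag) == "init-param"}
        elif _local(elem.tag) == "filter-mapping":
            patterns += [(c.text or "").strip() for c in elem
                         if _local(c.tag) == "url-pattern"]
    return params, patterns

def drift(nodes, reference):
    """Names of nodes whose filter settings differ from the reference node's."""
    want = read_csrf_filter(nodes[reference])
    return sorted(n for n, xml in nodes.items() if read_csrf_filter(xml) != want)

# Constructed sample: the filter block from this article inside a minimal web-app wrapper.
_BLOCK = """<filter><filter-name>CSRFDetectionFilter</filter-name>
<filter-class>com.novell.nidp.servlets.filters.csrf.CSRFDetectionFilter</filter-class>
<init-param><param-name>active</param-name><param-value>true</param-value></init-param>
<init-param><param-name>exclude</param-name><param-value>metadata</param-value></init-param>
<init-param><param-name>RefererWhitelist</param-name><param-value></param-value></init-param>
<init-param><param-name>RequestWhitelist</param-name><param-value>GET</param-value></init-param>
</filter><filter-mapping><filter-name>CSRFDetectionFilter</filter-name>
<url-pattern>/*</url-pattern></filter-mapping>"""
_WRAP = '<web-app xmlns="http://java.sun.com/xml/ns/javaee">%s</web-app>'
NODES = {"idp1": _WRAP % _BLOCK,  # hypothetical node names
         "idp2": _WRAP % _BLOCK.replace(">true<", ">false<"),
         "idp3": _WRAP % ("<!--" + _BLOCK + "-->")}  # filter left inside an XML comment

if __name__ == "__main__":
    print("nodes differing from idp1:", drift(NODES, "idp1"))
```

A filter block that sits inside an XML comment is reported as not declared, so a node where the block was never uncommented shows up as drift.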

Read Knowledge Base Article for full situation, cause and resolution


URL Name
KM000012041
