apundCG Absent Member.
Absent Member.
372 views

Application Protected Via Access Manager Getting Error.


Error:NIDPMAIN.***************************** (An error has occurred
which may have invalidated your authentication. Please try refreshing
the browser page. If this error persists, please close this browser
window, open a new browser, and login again.)

We have NAM 4.1 Setup with 2 nodes Cluster .

During integration of one application with Novell Access Manger we are
receiving the above error intermittently.

Some times user access the Application with out error, the next time
after closing the browser the user reopens the browser and access the
same application received the above error.

Any suggestions if any configuration needs to be updated


--
apundCG
------------------------------------------------------------------------
apundCG's Profile: https://forums.netiq.com/member.php?userid=8431
View this thread: https://forums.netiq.com/showthread.php?t=53994

0 Likes
8 Replies
Knowledge Partner
Knowledge Partner

Re: Application Protected Via Access Manager Getting Error.


apundCG;259527 Wrote:
> Error:NIDPMAIN.***************************** (An error has occurred
> which may have invalidated your authentication. Please try refreshing
> the browser page. If this error persists, please close this browser
> window, open a new browser, and login again.)
>
> We have NAM 4.1 Setup with 2 nodes Cluster .
>
> During integration of one application with Novell Access Manger we are
> receiving the above error intermittently.
>
> Some times user access the Application with out error, the next time
> after closing the browser the user reopens the browser and access the
> same application received the above error.
>
> Any suggestions if any configuration needs to be updated


Is there an actual error code?

I'm assuming you are accessing the AG resource that is redirecting the
user to the IDS Login page, and that's where they get the error? OR do
they get the error after authenticating?

We occasionally get a similar error, but usually it's because the
session has timed out and the user has clicked a bookmarked link that
has the session information in it.

--Kevin


--
kjhurni
------------------------------------------------------------------------
kjhurni's Profile: https://forums.netiq.com/member.php?userid=322
View this thread: https://forums.netiq.com/showthread.php?t=53994

0 Likes
apundCG Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.


The user receives error after authenticating .
For First time when the user access the application it works fine with
out any error .
From next session if the user tries to access with the same browser the
error is displayed to the end user.


--
apundCG
------------------------------------------------------------------------
apundCG's Profile: https://forums.netiq.com/member.php?userid=8431
View this thread: https://forums.netiq.com/showthread.php?t=53994

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.

apundCG wrote:

>
> The user receives error after authenticating .
> For First time when the user access the application it works fine with
> out any error .
> From next session if the user tries to access with the same browser
> the error is displayed to the end user.


How many access gateways do you have?

--
Cheers,
Edward
0 Likes
apundCG Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.


There are two access gateways installed .
It is an Access Manager Appliance Appliance Build 4.1

Edward van der Maas;259684 Wrote:
> apundCG wrote:
>
> >
> > The user receives error after authenticating .
> > For First time when the user access the application it works fine

> with
> > out any error .
> > From next session if the user tries to access with the same browser
> > the error is displayed to the end user.

>
> How many access gateways do you have?
>
> --
> Cheers,
> Edward



--
apundCG
------------------------------------------------------------------------
apundCG's Profile: https://forums.netiq.com/member.php?userid=8431
View this thread: https://forums.netiq.com/showthread.php?t=53994

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.

apundCG wrote:

>
> There are two access gateways installed .
> It is an Access Manager Appliance Appliance Build 4.1


OK, my guess is that the ESP's are trying to communicate with eachother
and the proxying is failing because the certificate used on the ESP
resource is signed by an external CA and that CA is not trusted by the
ESP.

Can you confirm that the cert you used for your ESP is issued by a
external CA? And if so, check if the intermediate root (if applicable)
and root cert are part of the ESP trust store.

--
Cheers,
Edward
0 Likes
Knowledge Partner
Knowledge Partner

Re: Application Protected Via Access Manager Getting Error.

apundCG <apundCG@no-mx.forums.microfocus.com> wrote:
> Error:NIDPMAIN.***************************** (An error has occurred
> which may have invalidated your authentication. Please try refreshing
> the browser page. If this error persists, please close this browser
> window, open a new browser, and login again.)
>


There is an option (default on) that blocks connections when the source ip
changes

Think it might be worded as related to when you are behind a load balancer.

Try turning that off and see if it helps.

--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
matthewehle Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.


alexmchugh;259532 Wrote:
> apundCG <apundCG@no-mx.forums.microfocus.com> wrote:
> > Error:NIDPMAIN.***************************** (An error has occurred
> > which may have invalidated your authentication. Please try refreshing
> > the browser page. If this error persists, please close this browser
> > window, open a new browser, and login again.)
> >

>
> There is an option (default on) that blocks connections when the source
> ip
> changes
>
> Think it might be worded as related to when you are behind a load
> balancer.
>
> Try turning that off and see if it helps.
>


I'm going to second this one. I remember getting this or a similar
message when we enforced source IP on the session.

In principle, it seems like the IP address verification is a useful
security measure, but it was far too much of a headache. VPN, short
DHCP leases, NAT pools, etc. all conspire to cause problems with the
user session.

The advanced setting you would be looking for is NAGGlobalOptions
NAGErrorOnIPMismatch=off


--
MatthewEhle
------------------------------------------------------------------------
MatthewEhle's Profile: https://forums.netiq.com/member.php?userid=4
View this thread: https://forums.netiq.com/showthread.php?t=53994

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Application Protected Via Access Manager Getting Error.

apundCG wrote:

>
> Error:NIDPMAIN.***************************** (An error has occurred
> which may have invalidated your authentication. Please try refreshing
> the browser page. If this error persists, please close this browser
> window, open a new browser, and login again.)
>
> We have NAM 4.1 Setup with 2 nodes Cluster .
>
> During integration of one application with Novell Access Manger we are
> receiving the above error intermittently.
>
> Some times user access the Application with out error, the next time
> after closing the browser the user reopens the browser and access the
> same application received the above error.
>
> Any suggestions if any configuration needs to be updated


You want to check the ESP logs for this. It can be a tricky one to
troubleshoot but if you dig through the ESP logs and you know your
JSessionID might be able to find what triggered this message.

--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.