We have created a simple proxyrule for forwarding a URL to a webserver, the authentication scheme is working fine for the Basic Template but when we try to use the HTML Form template we cannot access the webserver and we get the error "web page cannot be found".
Is there any additional configuration that must be done for the HTML Form, beside the creation of the Authentication Scheme & the change to the application?
Thank you in regards!
I suppose you encountered an HTTP 404 error. This would be due to incorrect physical path to login.fcc.
Here is a workaround :
Copy a folder <secure-proxy>/proxy-engine/examples/forms
Hope this would help.
Thank you for your answer, we did the change of the folder, but we still get the same error (HTTP 404).
The login.fcc file is not at the secure proxy server but at a third server in which we have installed the Web Agent, also we have choose at the Scheme Setup not to use Relative Target but the third Web Server.
Is it possible to use this third server for the html authentication ?
By virtue of doing this "choose at the Scheme Setup not to use Relative Target but the third Web Server" we are doing a 302 redirect outside the CA Access Gateway. Thus CA Access Gateway login.fcc would not be used and we expose the third webserver URL on the browser. I hope we understand that.
Did we check where are we getting a 404. We have not stated in this blog at which juncture is the 404. Is it when CA Access Gateway issues a 302 to http://thirdwebserver-webagent.com/siteminderagent/login.fcc OR post authentication the third webserver sends the redirect back to CA Access Gateway to proxy the request to backend WebServer configured within the proxy rules.
Are you seeing the final redirect to FCC if you are using an HTTP header tool like fiddler ?
Are you seeing anying in the WebServer where the login.fcc is located ? Check the access.log and error.log for Apache Webserver. Do you have the correct alias defined ?
In the sample below, my Webagent is installed under /opt/CA/WA1252SP1CR04
extract of my httpd.conf
Alias /siteminderagent/pwcgi/ "/opt/CA/WA1252SP1CR04/webagent/pw/"
Options Indexes MultiViews ExecCGI
Require all granted
Alias /siteminderagent/pw/ "/opt/CA/WA1252SP1CR04/webagent/pw/"
Alias /siteminderagent/ "/opt/CA/WA1252SP1CR04/webagent/samples/"
Options Indexes MultiViews
Default target for the auth scheme : /siteminderagent/forms/login.fcc
Hope if helps,
Please review the following technote TEC1977406 on why you are see error 404 -
How to fix the deployment location of login pages on CA Access Gateway (formerly SPS Secure Proxy Server)
The CA Access Gateway (formerly CA SPS - Secure Proxy Server) once installed does not install the template login files in the place normally expected by default authentication schemes. This article shows you how to move them to the expected location.