iOS Workspace Error "Http/1.1 Internal Server Error 43549" via Gateway nFactor Authentication
Article ID: CTX474876
Updated On:
Description
Workspace for iOS shows "Http/1.1 Internal Server Error 43549" after successful authentication via NetScaler Gateway.
Workspace for Windows works fine.
AAA nFactor authentication profile is configured in NetScaler Gateway.
Environment
This software application is provided to you as is with no representations, warranties or conditions of any kind. You may use and distribute it at your own risk. CITRIX DISCLAIMS ALL WARRANTIES WHATSOEVER, EXPRESS, IMPLIED, WRITTEN, ORAL OR STATUTORY, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NONINFRINGEMENT. Without limiting the generality of the foregoing, you acknowledge and agree that: (a) the software application may exhibit errors, design flaws or other problems, possibly resulting in loss of data or damage to property; (b) it may not be possible to make the software application fully functional; and (c) Citrix may, without notice or liability to you, cease to make available the current version and/or any future versions of the software application. In no event should the software application be used to support ultra-hazardous activities, including but not limited to life support or blasting activities. NEITHER CITRIX NOR ITS AFFILIATES OR AGENTS WILL BE LIABLE, UNDER BREACH OF CONTRACT OR ANY OTHER THEORY OF LIABILITY, FOR ANY DAMAGES WHATSOEVER ARISING FROM USE OF THE SOFTWARE APPLICATION, INCLUDING WITHOUT LIMITATION DIRECT, SPECIAL, INCIDENTAL, PUNITIVE, CONSEQUENTIAL OR OTHER DAMAGES, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. You agree to indemnify and defend Citrix against any and all claims arising from your use, modification or distribution of the software application.
Resolution
NetScaler fix will be available in new released build.
As a workaround, run the following commands manually.
>bind policy patset ns_aaa_relaystate_param_whitelist "citrixauthwebviewdone://" -index 1 -charset ASCII
Problem Cause
It's a known issue in NetScaler Gateway nFactor authentication scenario with BUG ID: NSHELP-33054.The authentication failed caused by "_ns_aaa_relaystate_param_whitelist" patset strings missing in NetScaler.
e.g.
In working NetScaler environment, below command out put should have below records included.
>show patset ns_aaa_relaystate_param_whitelist
The result should have below entity
1) Bound Pattern: citrixauthwebviewdone:// Index: 1 Charset: ASCII
Was this article helpful?
Yes
No
Powered by
