IBM Tivoli Access Manager WebSEAL is a high performance, multi-threaded Web server that applies fine-grained security policy to the Tivoli Access Manager protected Web object space. WebSEAL can provide single sign-on solutions and incorporate back-end Web application server resources into its security policy.It can be used to provide an extra layer of security in front of a CLM application.
By default WebSeal will rename cookies coming from the server to the web browser to contain the WebSeal junction. When the cookies are sent back to the server WebSeal will remove the junction name so the server receives the cookie that it sent.
From version 5.0 onwards there is a new cookie sent from the CLM server to the web browser and there is new JavaScript code that reads the value of this cookie. As WebSeal renames the cookie this JavaScript raises an exception that prevents the CLM application from being displayed in the browser.
Symptoms are:
The web pages shos a message "Loading..." that never finishes
A popup window with a Error "Invalid template ..." message, see below.
Note the name of the cookie on the line "document.cookie = " contains "IV_JCT" which is a sign that the cookie has been renamed.
CLM in the web browser does not work but CLM in the Eclipse client does.