When an authentication request exceeds 1024 characters and the browser requests for the favicon.ico object during a Liberty authnRequest, the browser redirection goes into a loop. This is applicable only on the Linux Access Gateway Appliance when browser is Firefox. By default, when the idff url length exceeds 1024 characters, instead of http redirect request, it converts to http POST request.
To workaround this issue:
Increase the URL length to more than 1024 characters by modifying the web.xml file available under the /var/opt/novell/tomcat5/webapps/nesp/WEB-INF folder.
You can configure the value parameter up to 2048 characters.
For example:
<context-param> <param-name>IDFFMaxURLLength/<param-name> <param-value>2048</param-value> </context-param>
Restart Tomcat.