A user has "must change password" status. The user logs onto a protected Identity Manager (IM) URL and is supposed to be redirected to IM PasswordServices page by SiteMinder (SM) to reset password. However, the user sees IM native login page instead with login error message.
SM trace log and webagent trace log have no error.
IM server log shows "The required Siteminder headers were not found. Logon denied".
If a user requests PasswordServices page directly via the application, the page is displayed fine.
If a user requests PasswordServices page directly via the proxy server (anonymously-protected by SM auth scheme), the user is presented with IM login page and a login error message on the page.