We had AEM Forms 6.1, JEE version based on WebSphere 8.5, in RedHat Linux.
Recently, we upgraded to 6.2, SP1. During the upgrade, we were told to disable WebSphere global security. The upgrade was successful and it has been running for a couple of months. Now we need to have WebSphere security enabled. That's when the problem started. If we enable WAS admin security, we couldn't get login to work. It failed at "/lc/j_securit_check". An HTTP 500 was returned, like
Error 500: java.lang.IllegalArgumentException: Location cannot be null in javax.servlet.http.HttpServletResponse.sendRedirect(location)
We tried to follow instructions given by Adobe support to replace "j_security_check" in some login.jsp files and made some configuration in Apache Sling Authentication Service and Day CRX Token Authentication Handler. The login still failed with 500 error, but a little bit different,
org.apache.sling.api.SlingException: Exception during response processing.
When we tried to revert the changes made, the server now doesn't even show the login screen/popup when accessing "http://hostname:port/lc". It gives, error
HTTP 403 Forbidden
while redirecting to http://hostname:port/lc/libs/livecycle/core/content/login.html?ap=1
How can we reset the AEM security to the out-of-box default? Where can we find out where the issue is? Can we enable debugging mode to find out more information?