000020308 - Web Express set PIN option does not prompt for PIN

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020308
Applies ToRSA SecurID Web Express 1.1
Microsoft Windows 2000 Server SP3
IssueWeb Express set PIN option does not prompt for PIN
User wants to set the PIN after accessing the token request page
User cannot create or change PIN using set PIN link on Token request page
CauseRSASecurIDWebExpress folder is protected with SecurID. When the user types the URL for Web Express,
they are challenged with securID authentication; they authenticate successfully, then click the link for Token request page.

Then, the user click the set PIN link on the left side of the page. User is not prompted with a Challenge or new PIN prompt. This is because the user has valid cookie, since they already passed through the authentication. User will then get a message that reads: "Congratulations. You have been successfully authenticated".
ResolutionEnd users are allowed to change their PIN without administrator's intervention on a browser. Only a valid user can change his PIN.

A user must be validated with SecurID credentials prior to changing the PIN. This can be configured by exclusively protecting the folder "Protected" using the following steps:

1. Unprotect default web site. Unprotect RSASecurIDWebExpress folder

2. Protect the explicitly "Protected" folder under RSASecurID folder. Stop and start the IIS Admin and WWW Publishing services.

3. Launch the browser with http://machinename/RSASecurID WebExpress (this is not protected)

4. Click the link Token Request Page

5. Click set PIN link on the left side

6. You will be prompted for SecurID

For additional details, please refer to Web Express 1.1 Installation and Configuration Manual page 25.
Legacy Article IDa15882