000021792 - What is the purpose of the ct-iis-form-query variable in RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) ct_logon.asp or ct_logon.jsp page?

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021792
Applies ToRSA ClearTrust Agent 4.6 for Apache
Microsoft Windows 2000 Professional SP4
RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) 6.0
IssueWhat is the purpose of the ct-iis-form-query variable in RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) ct_logon.asp or ct_logon.jsp page?
Custom RSA ClearTrust logon pages not working properly on Microsoft IIS
Resolution
The ct_logon.jsp and logon.asp pages for RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) accept the user authentication information in form variables, and POSTS them back to the ct_logon page itself. Then the ct_logon page concatenates the information from the form variables and sets a header variable called ct-iis-form-query to this value and issues a Response.Redirect to the ct_logon page. The Agent intercepts this redirect, and extracts the authentication information from the header variable. The extra steps in the IIS logon pages are to work around some difficulties in the way IIS process the POST information. It is important that this method be retained when creating logon pages for the IIS Agent. Using the POST method of authentication is not sufficient to provide the full and correct functioning of the IIS Agent.

Other agents accept the user authentication information in form variables and POSTS them back to the ct_logon page itself. The agent intercepts the POST event and extracts the logon information from the POST event.
Legacy Article IDa25111

Attachments

    Outcomes