000014779 - AxM: Sun Java Webserver 7.0 - Users not having to authenticate to protected URLs

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014779
Applies ToSun Java Webserver 7.0
RSA Access Manager Agent version 4.8 for sjws 7.0 
Solaris 10 64 bit
IssueAxM: Sun Java Webserver 7.0 - Users not having to authenticate to protected URLs
 User authenticates fine, does not have the entitlement and should be denied. Logs show page protected. Redirecting to ct_deny ( Full URI: /cleartrust/ct_access_denied_en.html) is ignored and protected page is served.
Causesjws 7.0  orders entries in the obj.conf alphabetically. When doing this it placed the proxy entries above the NameTrans fn="ct-*" functions.  With this set it was only protecting locally hosted URLs, not the proxied ones. Urls being accessed were proxied ones
ResolutionMove proxy entries under the NameTrans fn="ct-*" functions
Legacy Article IDa42823

Attachments

    Outcomes