000012738 - AxM agent - How to clear URL retention cookie after use.

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012738
Applies ToRSA Access Manager Agent v 4.8 for Apache 2.0.x Agent for Linux 64-bit
RSA Access Manager Agent v 4.8 for IIS 7 Agent for Windows 2008 32-bit/64-bit
RSA Access Manager Agent v 4.7 for Apache 2.0 for Red Hat 32-bit
IssueAxM agent - How to clear URL retention cookie after use.
The customer requested that the ACTSESSION cookie should be blanked out after the user is authenticated and it should be configurable to be backwards compatible.
ResolutionA new configuration parameter has been introduced and based on its value, agent would clear the url retention cookie ACTSESSION (default cookie name) after authentication.
    # This parameter decides whether ACTSESSION cookie should be
    # blanked out after use or not.
    #
    # Allowed Values:
    #    True       The ACTSESSION cookie is cleared after use.
    #    False      The ACTSESSION cookie is not cleared after use.
    #
    # Default Value:
    #    False
    cleartrust.agent.clear_retention_cookie_after_use=False
This problem has been resolved in hotfix 4.8.0.34  and 4.7.0.54 for the above listed agents.  Please contact RSA Customer Support and request this hotfix or later as these hotfixes are  cumulative. Future agents of other types will adopt this feature as they are released.
Legacy Article IDa48595

Attachments

    Outcomes