000014301 - AXM - Aserver Side Custom Auth Type Cannot Be Used As Default Auth Mode

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014301
Applies ToAccess Manager version 4.x agents
IssueAXM - Aserver Side Custom Auth Type Cannot Be Used As Default Auth Mode

Custom authenticator class installed on aserver. Setting the appropriate settings in agent for its use
cleartrust.agent.custom_auth=rjcustomauth
cleartrust.agent.auth_resource_list=/*=rjcustomauth
cleartrust.agent.default_auth_mode=rjcustomauth
cleartrust.agent.attempt_multiple_authentications=False

The agent will not load

CauseCurrently the 4.x agents do not support any other value for the
cleartrust.agent.default_auth_mode apart from the allowed values; BASIC, NT , SECURID , CERTIFICATE, CUSTOM, IWA , NTLM. The behavior is functions as designed and requires an RFE  
Resolution

Cannot have the aserver "custom auth type"  as the "default auth mode".   Workaround is to set it to BASIC or a std auth type as defined in the webagent.conf file.

# Specifies the default authentication type for resources not defined in the
# 'auth_resource_list' parameter. If a URL does not match with the URLs
# specified in the authentication resource list, the value specified
# by this parameter is used as the authentication mechanism.
#
# Allowed Values:
#   BASIC
#   NT
#   SECURID
#   CERTIFICATE
#   CUSTOM
#   IWA
#   NTLM (Except for IIS.  See description for auth_resource_list.)
#
# Dependencies:
#   The resources specified in auth_resource_list are evaluated first.
#
cleartrust.agent.default_auth_mode=BASIC

Legacy Article IDa44743

Attachments

    Outcomes