000014557 - AxM 4.8 Agent for IIS: SAP integration is failing

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014557
Applies ToRSA Access Manager Agent 4.8 for IIS 6.0
SAP 6.0

Custom RSA ClearTrust SAP integration using the HeaderLoignModule
IssueAxM 4.8 Agent for IIS: SAP integration is failing

SAP integration does not work.  Authentication fails with the error:


CauseThe parameter cleartrust.agent.httponly=True has been set in the webagent.conf file. This parameter sets the http only flag on the CTSESSOIN cookie which prevents the browser from providing the cookie to applications outside of the web server.  The SAP integration module depends on the CTSESSION value being set in the headers.  This parameter was introduced in the 4.8 Agent and is set to false by default.
ResolutionIf the CTSESSION cookie is required by external applications you should ensure that the cleartrust.agent.httponly flag is set to the default value of false.
WorkaroundThe parameter cleartrust.agent.httponly=True
Legacy Article IDa46752