Article Content
Article Number | 000024214 |
Applies To | RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) 6.0 Microsoft Internet Information Server (IIS) 6.0 Microsoft Windows 2000 Professional SP4 Password Replay Protocol Transition ctagent.log file shows the following: 1124679643.718:[4004/5096]:<Info>:[GetExtensionVersion]:Domain name: NOZ 1124679643.718:[4004/5096]:<Info>:[GetExtensionVersion]:WildCard map extension loaded 1124679643.718:[4004/5096]:<Debug>:[HttpExtensionProc]:Got uri: /test/ 1124679643.718:[4004/5096]:<Critical>:[HttpExtensionProc]:Failed to get HTTP_CT_TOKEN_REQUEST |
Issue | Applications that authenticate using HTTP authentication do not set Microsoft Windows Token with Protocol Transition and Password Replay in RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) 6.0 Protocol Transition fails with a 401.3 error page. |
Cause | This occurred because the calls to obtain the Microsoft Windows Token occurred prior to the interception of the HTTP authentication headers |
Resolution | This issue has been resolved in a hot fix for RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) 6.0. Contact RSA Security Customer Support to obtain hot fix 4.6.0.72, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels). NOTE: For HTTP authentication to function correctly, the ClearTrust Agent must be configured with clearturst.agent.ignore_http_auth=FALSE and cleartrust.agent.iis.preproc_auth_enabled=TRUE |
Notes | Note: This hotfix has been superseded by hotfix 4.6.0.76. (see solution RSA ClearTrust Agent 4.6 for Microsoft Internet Information Services (IIS) hot fix 4.6.0.72 breaks Protocol Transition with Preproc DISABLED). Please do not use this hotfix version, instead request the latest hotfix version from RSA Support. Note: This solution is not applicable to older revisions. Please update your agent to the latest hotfix. In later hotfixes there is no longer a dependency on the preproc_auth_enabled setting. |
Legacy Article ID | a27774 |