000011527 - AXM: User prompted with Windows popup for WebLogic domain prior to being prompted for ClearTrust authentication

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011527
Applies ToWebLogic startup script contains "set JAVA_OPTIONS=-Dweblogic.security.fullyDelegateAuthorization=true"
cleartrust_realm.properties parameter "cleartrust.agent.web_filter_enable=true"
BEA WebLogic 8.1
RSA ClearTrust Agent 3.5.2 for BEA WebLogic 8.1
IssueAXM: User prompted with Windows popup for WebLogic domain prior to being prompted for ClearTrust authentication
User prompted with Windows popup for WebLogic domain prior to being prompted for ClearTrust authentication
CausefullyDelegateAuthorization enabled will force the SPI to check authorization for all resources including those protected by the webfilter
ResolutionAdd the application names to the web filter protected apps list in cleartrust_realm.properties:

cleartrust.agent.web_filter_protected_apps_list=HelloWorldApp,_appsdir_cleartrust_war

The names of the applications must match the names given to the applications in the WebLogic console. You must include the authentication forms used by ClearTrust from the deployment of cleartrust.war.
WorkaroundApplied hotfix 3.5.2.05 or later to the WebLogic agent
Legacy Article IDa31500

Attachments

    Outcomes