000025132 - Access denied with Mozilla Firefox web browser and RSA ClearTrust AServer in passive mode

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025132
Applies ToRSA ClearTrust 5.5.3
Mozilla Firefox
RSA ClearTrust Authorization Server is in passive mode
IssueAccess denied with Mozilla Firefox web browser and RSA ClearTrust AServer in passive mode
CauseScenario:

- RSA ClearTrust is configured to run in passive mode, meaning all resources are protected by default

- A resource is defined in the Admin GUI, and access has been granted to it

When accessing the site with a Mozilla Firefox web browser, you get the login page and the credentials are presented. However, this results in the 'access denied' page. If you then browse directly to the protected resource, you get access. This problem doesn't occur when using Microsoft Internet Explorer web browser.

The problem is that by default, Mozilla Firefox will do a GET request for a graphic file called favicon.ico to the root directory of the web server, which it then displays in the address bar and in the favorites.
ResolutionThere are 2 ways to get around this.
 
1. Exclude /favicon.ico in webagent.conf or cleartrust.properties

2. Disable the option in Mozilla Firefox by putting about:config into the address bar and toggling the value of browser.chrome.favicons
NotesAlso see solution a25146
Legacy Article IDa25332

Attachments

    Outcomes