000029060 - Weblogic agent (identity asserter) does not allow cookie name other than CTSESSION

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029060
Applies ToRSA Access Manager Weblogic Agent version 5.0 for Weblogic
IssueThe ClearTrustIdentityAsserter will only use a cookie named CTSESSION that is set during build time in IdenntityAsserter.xml file and does not read the value from cleartrust_realm.properties for cleartrust.agent.cookie_name.
ResolutionFix has been in product since hot fix 4.7.0.06 Currently the following is the name of the tool jar once called agentttools.jar axm-wls-agent-tools-5.0.jar. Note: Class-path needs to be set prior to running the utility. Suggestion is to simply update any one of the existing scripts (for ex. runCacheTool.sh) with the appropriate utility class name and then execute. axm-wls-agent-tools-5.0.jar. Note: Class-path needs to be set prior to running the utility. Suggestion is to simply update any one of the existing scripts (for ex. runCacheTool.sh) with the appropriate utility class name and then execute. 1. Copy axm-wls-agent-tools-5.0.jar to AGENT_ROOT/tools/lib folder. 2. Change the value of the property "cleartrust.agent.cookie_name" to the desired name in cleartrust_realm.properties file. Location of this property file is : BEA_HOME/user_projects/domains\/properties And AGENT_ROOT/properties folders. 3. Start the Weblogic server. 4. Open Command prompt.Set the classpath for wljmxclient.jar file. Location of this file is: BEA_HOME/wlserver_10.0/server/lib 5. Append the classpath for axm-wls-agent-tools-5.0.jar file which you have copied in Step 1. 6. Run the EditCTTokenName class with appropriate host name, port, user id, password and desired token name.However token name should be same as what you set in Step 2. You can also provide realm name and Identity Asserter name but they are not mandatory.Default values for these are ClearTrustRealm and ClearTrustIdentityAsserter respectively. Example: java com.rsa.cleartrust.weblogic.security.tools.EditCTTokenName -h localhost -po 7001 -u weblogic -pass weblogic -token [-realm ] [-asserter ]. 7. Restart the Weblogic server.

Attachments

    Outcomes