|Applies To||RSA Access Manager web agent 4.6|
ClearTrust 4.6 Web Agent
Microsoft Active Directory 2003
|Issue||Is cleartrust.agent.web_server_name in webagent.conf case sensitive|
Webserver unprotected due to mismatch in web_server_name in webagent.conf and server name entered in Administrative Console.
With Active Directory LDAP policy store - attribute values are stored with case intact, but searches against them are case-insensitive by default. Certain attributes (like password) are case-sensitive when searching. Therefore the web_server_name in webagent.conf and the webserver defined in Administrative Console do not have to match case.
With Oracle SQL Database policy store - attribute values are also stored with case intact, but Oracle SQL Database searches are usually case-sensitive by default. Therefore the web_server_name in webagent.conf and the webserver defined in Administrative Console must match case.
|Legacy Article ID||a38334|