000020041 - How to protect and unprotect URLs with RSA ACE/Agent for Web

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000020041
Applies ToRSA ACE/Agent for Web
Linux
Sun Solaris
IssueHow to protect and unprotect URLs with RSA ACE/Agent for Web
Error: "No Server has been configured. Please use config to add new server." displayed on console when running the protectURL script
CauseThis error message is displayed because no virtual web servers have been added to the ACE/Agent configuration
ResolutionThe following procedure describes how to register virtual web servers with RSA ACE/Agent and how to protect and unprotect specific URLs:

1. Change to the subdirectory where the ACE/Agent for Web was installed -for instance "/opt/rsawebagent"

2. Register a virtual web server with the ACE/Agent for Web using "./config virtualwebsrv.domain.com", where "virtualwebsrv.domain.com" is the FQDN (Fully Qualified Distinguished Name) of the virtual Web server being registered.

NOTE: If necessary, use "./config  -d  virtualwebsrv.domain.com" to unregister a virtual web server

3. Enter "y" to confirm that a new virtual host must be register in the ACE/Agent for Web configuration

4. Accept and/or adjust the configuration parameters

5. Enter "y" to load the new configuration (if prompted) OR restart the Apache web server (e.g. using "./apachectl restart")

6. Run "./protectURL" to protect and/or unprotect URLs. When used with no parameters, the tool starts in interactive mode.

NOTE: ACE/Agent for Web keeps two lists for every virtual web server. URLs can be added/removed from any of the 2 lists:

 a. Protected URLs list. Users accessing URLs in this list will be required to authenticate.
 b. Unprotected URLs list. No authentication is required.

7. Alternatively, protectURL can be used in batch mode:

 a. Add a URL to the unprotected URLs list with "./protectURL -u -n URL"; for instance, "./protectURL -u -n /manual/index.html virtualwebsrv.domain.com" will unprotect the index page of the Apache manuals in the virtual web server ?virtualwebsrv.domain.com?. Enter "y" to load the new configuration (if prompted) or restart the Apache Web server.

 b. Remove a URL from either the protected or unprotected URLs list with "./protectURL -d -n URL"

NOTE: The following options can be used in batch to protect/unprotect multiple URLs at once:

 a. Import from a file a list of URLs to be protected using "./protectURL -a -f File_with_URLs". File_with_URLs is a text file with one URL per line - every URL will be added to the protected URL list.

 b. Use "./protectURL -d -f File_with_URLs" to remove the URLs from either the protected or unprotected URLs list

NOTE: All the available commands can be displayed with "./protectURL -h"

NOTE: The "rsawebagent/RSAWebAgent.INI" file contains the ACE/Agent configuration, including the protected and unprotected URLs lists

NOTE: The solution "Rapid Deployment Procedures for ACE/Apache Web Agent On Linux (including complete Apache Server Installation)" provides additional information
Legacy Article IDa13950

Attachments

    Outcomes