000018784 - cleartrust.agent.retain_url.use_query_string=False

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018784
Applies ToRSA ClearTrust Agent 4.6 for Apache 2.0
URL redirection not working when integrating the ClearTrust 4.6 Agent for Apache 2.0 with FIM.
RSA Federated Identity Manager (FIM) 3.1
RSA Federated Identity Manager (FIM) 3.0
IssueFIM does not redirect the user to the SP (Service Providers) page, instead the user is left at the ClearTrust logon page after authentication.
The ClearTrust Agent does not redirect the user to the protected content, instead the user is left at the ct_home.html page.
CauseClearTrust Query String based redirection relies on a browser Meta refresh command to be executed from the ct_home.jsp page to redirect the user to the protected page.  In order for Query String based URL redirection to work with Apache based web servers you must use the jsp version of the logon pages instead of the default html based page ct_home.html.
ResolutionConfigure the Apache agent to serve the jsp versions of the logon pages.  You will have to serve the jsp pages from an application server such as Tomcat, WebLogic or Websphere. 
Workaround

The ClearTrust agent is configured to use Query String based redirection instead of the default cookie based redirection.

cleartrust.agent.retain_url=True

cleartrust.agent.retain_url.use_query_string=False

Legacy Article IDa35724

Attachments

    Outcomes