000014576 - CT properties published in HTTP headers updated for unprotected resources after session expires

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014576
Applies ToRSA Access Manager Agents 4.x
IIS 6.0
Apache 2.x
CT properties (such as cleartrust.agent.export_last_touch_time) are published and updated in the HTTP headers for
unprotected resources even after the session has expired
ResolutionThe following hotfixes have been released to correct this issue:, and
 Since the issue is in the common code, the behaviour is same in both apache and IIS agents 
Legacy Article IDa45240