000021276 - Custom application causing SSO failures between iPlanet 4.0 and IIS 4.5 Web servers in RSA ClearTrust

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021276
Applies ToRSA ClearTrust Agent 4.5 for Microsoft IIS
RSA ClearTrust Agent 4.0 for Sun ONE Web Server 6.0
RSA Cookie
IssueCustom application causing SSO failures between iPlanet 4.0 and IIS 4.5 Web servers in RSA ClearTrust
CausePrevious to build 4.5.0.03 of RSA ClearTrust Agent 4.5 for Microsoft IIS, the URI retention cookie was named 1CTSESSION. This broke specific applications that did not allow a numeric value in the cookie name. Starting with build 4.5.0.03, the retention cookie was renamed to ACTSESSION to address this.

However, this had an adverse affect in environments with a mixture of IIS and Sun ONE Web servers with ClearTrust Agents installed, since the Sun ONE agents would still generate 1CTSESSION retention cookies. In certain circumstances, applications would cause SSO to fail between these two agents because of the cookie name mismatch.
ResolutionThis issue has been resolved in hot fix 4.0.0.14 for RSA ClearTrust Agent 4.0 for Sun ONE 6.0 Web server. Starting with this build, the name for URI retention cookies is now ACTSESSION. Contact RSA Security Customer Support to obtain this hot fix, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels). Follow the instructions in the Readme file for proper installation.
Legacy Article IDa21876

Attachments

    Outcomes