000025359 - Custom implementation of login ASP form hangs when posting username/password to BASIC logon form

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025359
Applies ToRSA ClearTrust Agent 4.7 for Microsoft IIS
RSA ClearTrust 4.7
IssueCustom implementation of login ASP form hangs when posting username/password to BASIC logon form
Login form customization worked correctly in ClearTrust 4.6.1
CauseClearTrust 4.7 plugin uses query string (ct-iis-form-query) created by the login form that the ClearTrust 4.6.1 plugin did not create
ResolutionTo correct this issue, implement the creation of the ct-iis-form-query string on the page being posted to and add it as a header variable. A sample from the ct_logon.asp is shown below:

  If Request.ServerVariables( "REQUEST_METHOD" ) = "POST" Then
   CTUser = Request.Form( "user" )
   CTPassword = Request.Form( "password" )
   CTAuthMode = Request.Form( "auth_mode" )
   CTOrigUri = Request.Form( "ct_orig_uri" )

   QueryString = "user=" & CTUser & _
                "&password=" & CTPassword & _
                "&auth_mode=" & CTAuthMode & _
                "&ct_orig_uri=" & Server.URLEncode( CTOrigUri )
   Response.AddHeader "ct-iis-form-query", QueryString
WorkaroundUpgraded to 4.7 plugin
Legacy Article IDa10050

Attachments

    Outcomes