|Applies To||RSA ClearTrust Agent 3.5 for Apache|
Sun Solaris 2.8
|Issue||RSA SecurID Next Token Mode and New PIN Mode fail with ClearTrust Agent 3.5 for Apache|
The ClearTrust Agent 3.5 for Apache is configured to use SecurID authentication for a protected resource. Additionally, it is set up to use the Authentication Servers in DISTRIBUTED mode and CTSharedPoolEnable is set to YES. SecurID Next Token Mode and New PIN Mode will fail; however, either disabling CTSharedPoolEnable or setting the CT AuthServer to STANDARD mode resolves the problem.
|Cause||There is a bug with the way the new ClearTrust Shared Pool for Apache handles the SecurID authentication state. For this to work correctly, the Agent must reconnect the user to the same Authentication Server that has initiated contact with the ACE Server.|
|Resolution||This issue is now resolved and is included in the latest patch release of RSA ClearTrust Agent for Apache 1.3c and Apache 2 on both Solaris and Linux. To obtain the latest release of Agent, visit RSA SecurCare Online's Downloads area, or contact RSA Security Customer Support directly.|
|Legacy Article ID||a19878|