Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000025894 - RSA ClearTrust users receive Server Error when attempting HTTP forms-based authentication using RSA SecurID token

Document created by RSA Customer Support

on Jun 16, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000025894
Applies To	RSA ClearTrust 5.0.1 RSA ClearTrust Authorization Server (AServer) RSA ACE/Agent UNIX (AIX, HP-UX, Solaris) Forms-based authentication RSA SecurID Authentication
Issue	RSA ClearTrust users receive Server Error when attempting HTTP forms-based authentication using RSA SecurID token RSA ClearTrust Authorization server debug log shows the following errors: "TCP: error on socket: java.io.IOException: Unable to send data to receiver." java.io.IOException: Unable to send data to receiver. at sirrus.util.io.FlushingByteArrayOutputStream.checkForStreamClosure(FlushingByteArrayOutputStream.java:140) at sirrus.util.io.FlushingByteArrayOutputStream.write(FlushingByteArrayOutputStream.java:80) at java.io.DataOutputStream.writeByte(DataOutputStream.java:129) at sirrus.util.io.rpc.fope.ObjectNode.writeTypeToStream(ObjectNode.java:61) at sirrus.util.io.rpc.fope.Node.writeToStream(Node.java:42) at sirrus.util.io.rpc.fope.NodeFactory.convertNodeToStream(NodeFactory.java:67) at sirrus.util.io.rpc.RPCManager.invokeLocalProcedure(RPCManager.java:151) at sirrus.authserver.MuxRequestThreadPool$MuxRequestThread.serviceRequest(MuxRequestThreadPool.java:85) at sirrus.authserver.MuxRequestThreadPool$MuxRequestThread.run(MuxRequestThreadPool.java:142) Examination of RSA ACE/Server logs confirms that no request was sent to the ACE/Server
Cause	The user account used to start the ClearTrust Authorization Server must have read and write access to the ACE/Agent /var/ace directory, and must have read access to the securid file in this directory. Incorrect permissions can occur if the SecurID ACE/Agent was installed as root but the ClearTrust servers run as a non-root user.
Resolution	To correct this issue, follow these steps: 1. Change the permissions of the ACE/Agent /var/ace directory on the RSA ClearTrust Authorization Server (chmod 755 /var/ace) 2. If it exists, delete the securid node secret file: /var/ace/securid 3. Using the ACE/Server Administration Console, edit the agent-host record of the ClearTrust Authorization Server; if checked, uncheck the box "Node Secret Sent" 4. Click OK to save the change 5. Restart the ClearTrust Authorization Server 6. Access a ClearTrust-protected Web resource and authenticate with SecurID 7. Verify that the /var/ace/securid file was recreated and is owned by the ClearTrust Authorization Server user account
Legacy Article ID	a17575

Attachments

Outcomes

0 Comments

Recommended Content