000014588 - The Access Manager Agent is not protecting a URL that exists in the Entitlement Manager.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014588
Applies ToRSA Access Manager Agent 4.8
IssueThe Access Manager Agent is not protecting a URL that exists in the Entitlement Manager.
Users are getting access to protected URL's. 

A warning message"is considered to be unprotected" shows in the ct_agent.log file.

2009-04-27 10:02:22 -0700 - [3081132256] - <Debug> - No inclusion URI/extension match
2009-04-27 10:02:22 -0700 - [3081132256] - <Warning> - The url / is considered to be unprotected
2009-04-27 10:02:22 -0700 - [3081132256] - <Warning> - The url is not listed in cleartrust.agent.url_inclusion_list
2009-04-27 10:02:22 -0700 - [3081132256] - <Debug> - Status is: 21
2009-04-27 10:02:22 -0700 - [3081132256] - <Debug> - URI: /, User: (null)
2009-04-27 10:02:22 -0700 - [3081132256] - <Debug> - Status is: 21
2009-04-27 10:02:22 -0700 - [3081132256] - <Info> - URL is not protected

CauseIf the agent URL inclusion list is being used the agent will only check for entitlements for resources that are specifically on the list.
Resolution

See the following section in the webagent.conf file.  Note the Warning message. 

# Specifies a list of URLs to include for access control checks.
#
# NOTE:
#   For URLs that have space characters, the space characters should be
#   replaced by %20. For example:
#   cleartrust.agent.url_inclusion_list=/inclusion/the%20page.html
#
# Allowed Values:
#   A comma-separated list of URLs.
#
# Example:
#    cleartrust.agent.url_inclusion_list=/incl_dir1/*,/incl_dir2/*
#
# !!WARNING!!
# If this parameter is defined, then only those URLs would be considered for
# protection. If this parameter is not defined, then Authorization Server
# is contacted to check the protection status of the incoming URL.
#
#
cleartrust.agent.url_inclusion_list=

Legacy Article IDa45769

Attachments

    Outcomes