000019693 - RSA ClearTrust login page looping

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019693
Applies ToMicrosoft Internet Explorer 6.0
cleartrust.agent.cookie_expiration set to value other than 0
Non-forms-based authentication works, and auth logs show user is authenticated
IssueRSA ClearTrust login page looping
Login page looping back after successful authentication
Web browser not prompting to save a cookie, and no cookie is being set
Single Sign-On (SSO) not working
CauseClient web browser contains incorrect system time
Internet Explorer (any version) cannot accept cookies with an expiration time in the past (Netscape will accept the cookie, but will force it to be updated on the next login). Session cookies do work correctly on browsers that contain the wrong time.
ResolutionTo correct this issue, ensure the client computer's web browser has the correct system time.

NOTE: Setting cleartrust.agent.cookie_expiration=0 will use session cookies that are not vulnerable to the problem.
Legacy Article IDa14562