000024917 - How to use RSA ACE/Agent for Web to protect Microsoft Internet Information Services (IIS) default web page

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000024917
Applies ToMicrosoft Windows 2000
RSA ACE/Agent 1.1 for Windows 2000 (RRAS) (no longer supported as of 3-3-2003)
RSA ACE/Agent for Web
Microsoft Internet Information Server (IIS) 5.0
RSA ACE/Agent for Web is set to protect the root directory of the default web server
IssueHow to use RSA ACE/Agent for Web to protect Microsoft Internet Information Services (IIS) default web page
User prompted to authenticate twice
CauseWhen accessing http://server_name (default web page) user is translated to http://server_name/localstart.asp and is prompted to authenticate to that page.

Immediately after that an IIS help web page is called from localstart.asp. The source code of localstart.asp contains the link to http://localhost/iishelp/iis/misc/default.asp. The "localhost" in the link is not assumed to be "server_name". The cookie has been established for "server_name", not for "localhost".  That is what causes RSA ACE/Agent for Web to prompt for the second authentication.
ResolutionEdit \wwwroot\localstart.asp replacing "localhost" to "server_name" in the Functions 'loadHelpFront()' and 'activate'. This will prevent having to authenticate a second time.
Legacy Article ID6.0.1633351.2776136

Attachments

    Outcomes