000025239 - RSA ClearTrust Agent 4.6 for Apache 2.0.x exports user CT-Remote-User instead of CT_REMOTE_USER

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025239
Applies ToRSA ClearTrust Agent 4.6 for Apache 2.0.x
RSA ClearTrust Agent 3.5 for Apache 1.3.x
RSA ClearTrust Agent 4.6 for Microsoft IIS
IssueRSA ClearTrust Agent 4.6 for Apache 2.0.x exports user CT-Remote-User instead of CT_REMOTE_USER
CauseRSA ClearTrust Agent versions prior to 4.x exported header variables such as CT_REMOTE_USER with underscores. All the Agents 4.6, including the Agent 4.6 for IIS, set the header variables using names that contain dashes, not underscores, such as CT-REMOTE-USER. The standard specifically advises that underscores should not be used in header variables.

http://www.microsoft.com/windows2000/en/server/iis/default.asp?url=/windows2000/en/server/iis/htm/asp/vbob7yya.htm

http://www.asp-dev.com/main.asp?page=127

When you request a servervariable that contains a dash, you use an underscore character in the request. Also, when you display the servervariables collection, header variables that contain dashes are displayed with underscores.
Resolution
For backwards compatibility, you may wish to use a different header variable name when exporting ClearTrust header variables. Hot fix 4.6.0.22 introduced a new parameter that allows you to configure the name that is used to export headers:

    cleartrust.agent.exported_headers=

Contact RSA Security Customer Support to obtain hot fix 4.6.0.22, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels).
Legacy Article IDa25586

Attachments

    Outcomes