on Jun 16, 2016Article Content
| Article Number | 000021058 |
| Applies To | RSA ClearTrust Agent 3.0.2 for Apache RSA ClearTrust Agent 3.5 for Apache RSA ClearTrust Agent for IBM HTTP IBM WebSphere 5.0.1 IBM WebSphere 5.0.2 IBM WebSphere 5.1 Tomcat 4.1.30 Apache 2.0.47 Apache 1.3.19.2 IBM HTTP Server (IHS) 1.3.19.2 |
| Issue | IBM WebSphere resources not protected when accessed via Apache or IBM HTTP Server (IHS) web server Apache Tomcat JSP and Java servlet resources not protected when accessed via Apache web server Error: "WARNING: mod_app_server_http: cb_read_body: Failed to read the full body from the browser. just_read = 0 of the expected 107" |
| Cause | A default installation will modify the Apache HTTPD.CONF with the following entries. In this example, the Apache web server is installed in c:\ihs-1-3-19-2: <Directory "C:/ihs-1-3-19-2/htdocs"> <IfModule ct_apache_mod.c> AuthType Basic Require valid-user AuthName CT </IfModule> ... ... This by definition will not protect any of the virtual data supplied from WebSphere (e.g. sample pages found at /WSsamples/en/index.html and /TechnologySamples/SimpleJSP) or any data supplied by a Tomcat server. |
| Resolution | To correct this issue, modify the HTTPD.CONF file to include the virtual locations of the IBM WebSphere data so the Apache signals RSA ClearTrust Agent to act. For example: <Location /TechnologySamples> <IfModule ct_apache_mod.c> AuthType Basic Require valid-user AuthName CT </IfModule> </Location> <Location /WSsamples> <IfModule ct_apache_mod.c> AuthType Basic Require valid-user AuthName CT </IfModule> </Location> The same logic applies if a Tomcat server is being used to deliver Java services to Apache. So given the following entries in HTTPD.CONF: JkMount /CSearch ajp13 jkMount /CSearch/* ajp13 , the following entries should be added to activate the RSA ClearTrust Agent: <Location /CSearch> <IfModule ct_apache_mod.c> AuthType Basic Require valid-user AuthName CT </IfModule> </Location> |
| Legacy Article ID | a20928 |