|Applies To||Microsoft Windows 2000 SP4|
RSA ClearTrust 5.5.2
Sun Solaris 2.9
Sun ONE Web Server 6.1
RSA ClearTrust Agent 4.6 for Sun ONE Web Server
|Issue||How to implement centralized logon from an SSL encrypted server to server non SSL content|
Once authenticated, the user is presented with the Cleartrust login screen again and the login fields are blanked out. The agent debug log shows:
Oct 22, 2004 10:53:13 AM PDT -  - <Debug> - Cookie is not set in svrhdrs
The ClearTrust logon form was modified to explicitly redirect the user from a non-SSL page to the SSL logon page.
<META HTTP-EQUIV="REFRESH" CONTENT="10;URL=https://<machine_name>:443/cleartrust/ct_logon_en.html">
This configuration is not required nor recommended.
The ClearTrust webagent.conf file can be configured to use a full URI for the logon form location:
This achieves the login to be redirected to port 443 via SSL connection and once authenticated, the user is redirected back to the port 80 web resource.
|Notes||The following settings also need to be correct for redirection to work between the SSL enabled logon page and non ssl enable content pages: |
Ensure also that your webagent.conf file has:
# Specifies that the browser should accept and send cookies only via secure
<VirtualHost address=* name=* port=443>
Your server.xml file should contain:
<LS id="ls1" port="80" servername="vdc-support6s.na.rsa.net" defaultvs="https-vdc-support6s.na.rsa.net" security="off" ip="any" blocking="false" acceptorthreads="1"/>
Your webserver should also be appropriately configured to serve pages with SSL connections enabled.
|Legacy Article ID||a23072|