000021704 - Invalid results when using 'Test Authorization' functionality in RSA ClearTrust against an Enhanced Application Server's protected resource

Document created by RSA Customer Support Employee on Jun 16, 2016. Last modified by RSA Customer Support Employee on Apr 21, 2017.
Version 2

Article Content

Article Number: 000021704

Applies To:
  • RSA ClearTrust 5.5
  • RSA ClearTrust 5.0.1
  • RSA ClearTrust Entitlements Manager (Admin GUI)

Issue: Invalid results when using the "Test Authorization" functionality in RSA ClearTrust against an Enhanced Application Server's protected resource. A user gets "Pass" in Test Authorization when they should get "Fail".

Cause: The URL passed to "Test Authorization" does not match the correct syntax for an Enhanced Application Server resource.

Resolution: When using "Test Authorization" to test authorization to an Enhanced Application Server resource, you must ensure that the proper "resource-type" tag is prepended to the resource. For example, if the URL /app1/index.jsp is defined and a user does not have an entitlement, you would expect to receive "Fail" when using "Test Authorization". However, if the URL is entered as "/app1/index.jsp", you will receive "Pass" because the "resource-type" tag was not specified in the URL (the tagged form is what is expected to be passed to the Runtime system).

If you correctly add the resource-type tag, "<web>", you will receive the proper results. Thus, the URL entered should look like: <web>/app1/index.jsp

Legacy Article ID: a24392
