000022192 - On redirecting to the original URL in RSA ClearTrust Agent 4.x  ct_home.jsp/.asp is never visited  contrary to stated documentation of the setting cleartrust.agent.retain_url.use_querystring

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022192
Applies ToRSA ClearTrust Agent 4.6 for Sun ONE Web Server
IssueOn redirecting to the original URL in RSA ClearTrust Agent 4.x, ct_home.jsp/.asp is never visited, contrary to stated documentation of the setting cleartrust.agent.retain_url.use_querystring
CauseWith cookie-based URL retention (the default in RSA ClearTrust Agents 4.x), the Agent redirects the user's request itself, bypassing ct_home.jsp/.asp entirely
ResolutionThis issue is resolved in hot fix 4.6.0.20 for RSA ClearTrust Agent 4.6. Contact RSA Security Customer Support to request this hot fix, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels). Review the provided Readme file for installation instructions.

Hot fix 4.6.0.20 introduced a new configuration parameter, cleartrust.agent.retain_url.redirect_to_ct_home, that, when set to true, forces the agent to redirect to ct_home rather than to the user's retained URL. The redirection to ct_home.jsp/.asp includes the retained URL in the querystring, and ct_home.jsp/.asp redirects the user. The hot fix also includes a new ct_home.jsp/.asp page that addresses a defect in redirection code.
Legacy Article IDa27326

Attachments

    Outcomes