|Applies To||RSA ClearTrust Agent 4.6 for Sun ONE Web Server|
|Issue||On redirecting to the original URL in RSA ClearTrust Agent 4.x, ct_home.jsp/.asp is never visited, contrary to stated documentation of the setting cleartrust.agent.retain_url.use_querystring|
|Cause||With cookie-based URL retention (the default in RSA ClearTrust Agents 4.x), the Agent redirects the user's request itself, bypassing ct_home.jsp/.asp entirely|
|Resolution||This issue is resolved in hot fix 184.108.40.206 for RSA ClearTrust Agent 4.6. Contact RSA Security Customer Support to request this hot fix, or request the latest fix level (which is cumulative, and contains fixes from previous fix levels). Review the provided Readme file for installation instructions.|
Hot fix 220.127.116.11 introduced a new configuration parameter, cleartrust.agent.retain_url.redirect_to_ct_home, that, when set to true, forces the agent to redirect to ct_home rather than to the user's retained URL. The redirection to ct_home.jsp/.asp includes the retained URL in the querystring, and ct_home.jsp/.asp redirects the user. The hot fix also includes a new ct_home.jsp/.asp page that addresses a defect in redirection code.
|Legacy Article ID||a27326|