|Applies To||RSA ClearTrust Agent 3.5.2 for BEA WebLogic|
RSA ClearTrust Agent 4.5 for IBM WebSphere 5.0.2
|Issue||RSA ClearTrust directing users directed to wrong error page|
cleartrust_realms.properties (on BEA WebLogic) and cleartrust.properties (on IBM WebSphere) have been modified to use customized pages rather than any of these issued files. However, at various times, users are redirected automatically to one of these pages.
User is redirected to RSA ClearTrust logon page or ClearTrust error page
|Cause||The perception is that there must be some hard-coded values inside RSA ClearTrust Agent that, when all else fails, uses one of the original pages. There are no such hard-coded values that cause this behavior; the cause is that there are other configurable locations where these web pages can be set. These are the individual web.xml deployment descriptor files for individually deployed web applications.|
For each deployed web application in either a free-standing web application or bundled in an application, try looking for the following type of parameters (this is just an example; the actual web pages referenced will vary):
Then, correct the erroneous value by setting to the correct login (or error) page that you desire.
NOTE: This mechanism for causing a ClearTrust login page to appear is valid, and relates to the use of J2EE security mechanisms. A useful tip to confirm that the intention was to use a custom logon page is to check the source of the logon page which the user should have seen for the presence of values like j_security_check, j_username and j_password - all of which suggest a JAAS logon is in use.
|Legacy Article ID||a26527|