000033612 - RSA Access Manager Apache WebAgent 5.0sp2 on Linux When using RSA Adaptive Authentication the ct_enroll page changes ACTSESSION cookie when the agent is set to MODE2

Document created by RSA Customer Support Employee on Aug 10, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033612
Applies ToRSA Product Set: ClearTrust
RSA Product/Service Type: Web Agent Apache
RSA Version/Condition: 5.0 SP2
Platform: Linux
Platform (Other): Apache Tomcat/7.0.65 java version "1.7.0_95"
O/S Version: Red Hat Enterprise Linux 6.x
Product Description: Access Manager
IssueThe ACTSESSION cookie retains the original URL requested by the user so that they can be redirected to their original request after authentication.
Setting the agent to Mode2 redirects the user to the page specified in login_home_location
cleartrust.agent.retain_url.redirect_to_ct_home=Mode2
cleartrust.agent.login_home_location=


This page can be customized to use the ACTSESSION cookie to redirect the user after authentication
The ct_enroll page is used to enroll new users into the Adaptive Authentication database.
When Using Mode2, the Agent is changing the ACTSESSION cookie to the page specified in the login_home_location so that after enrollment the user is  not redirected to the original requested page.
 
CauseThis is a known defect in the product see below for patches to resolve issue.
ResolutionThis was resolved in the following patches:
RSA Access Manager Agent 5.0sp2, obtain hotfix 5.0.2.07
RSA Access Manager Agent 5.0sp3, obtain hotfix 5.0.3.01
 

Attachments

    Outcomes