This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
JoeEdwards
Beginner
Beginner
‎2016-08-16 02:40 PM

apache2.2 redhat6.7

protectURL -a -n /dir does not work

I get a 'There is a Phantom entry in RSAWebAgent.INI, Please remove "URLNAME2=/dir;9" from INI.' message and apache will not start.

I can protect or unprotect '/'.

What is the correct syntax for the RSAWebAgent.INI file entry?

URLNAME2=/;9 works

URLNAME2=/dir;9 does not work

Labels (1)
Labels
0 Likes
Reply
7 Replies
HusseinElBaz
Employee
Employee
‎2016-08-17 03:39 AM

Hello Joe,

 

Please try to edit the RSAWebAgent.INI file and make sure that no port numbers appear after the FQDN definition of your web server or virtual host. If you have an entry similar to the one shown below:

 

[vmware01-mike.csau.ap.rsa.net:80]
URLName1=/;0
URLName2=/securid;9

 

, then modify it to look like the following:

 

[vmware01-mike.csau.ap.rsa.net]
URLName1=/;0
URLName2=/securid;9

 

So kindly check and advise us back if there is any assistance needed from our side.

 

Best Regards,

0 Likes
Reply
JoeEdwards
Beginner
Beginner
‎2016-08-17 12:18 PM

I did try that and other combinations.

 

[website.org]

URLName1=/;9

works

 

[website.org]

URLName1=/;0

URLName2=/secureid;9

does not work

'There is a Phantom entry in RSAWebAgent.INI, Please remove "URLNAME2=/secureid;9" from INI.'

0 Likes
Reply
TedBarbour
Employee
Employee
In response to JoeEdwards
‎2016-08-17 01:05 PM

Might the problem be the misspelling of "secureid" ?

0 Likes
Reply
JoeEdwards
Beginner
Beginner
‎2016-08-17 01:26 PM

The name of the directory/URL does not matter. I changed  the domain and URL for the posting. Thanks for responding!

0 Likes
Reply
MartinZ
Beginner
Beginner
‎2016-08-22 02:38 PM

It works on Centos 6.6 + Apache/2.2.25 (Unix)

It does not work on Centos 6.2 + Apache/2.2.15

 

I have identical v7.1.3[128] versions of RSAWebagent.INI on 2.6.32 kernel, 64-bit on both servers.

 

Checked sizes and dates of .so libraries on both servers 

[root@server rsawebagent]# ll *.so
-rwx------ 1 apache apache 389256 Jan 14 2014 libaceclnt.so
-rwx------ 1 apache apache 560608 Jan 14 2014 librsawa_apache.so
-rwx------ 1 apache apache 7696 Jan 14 2014 mod_rsawa_apache.so

 

So you have to check which OS version/subversion you have.

This is what you want, isn't it? It works without setting RSA_CHECK_PHANTOM_ENTRIES=0


URLName1=/;0
URLName2=/securid;9
URLName3=/test;9

0 Likes
Reply
JoeEdwards
Beginner
Beginner
In response to MartinZ
‎2016-08-25 12:29 PM

Successfully installed RSA Authentication Agent v8.0.0.399 for Web for Apache.

I do want to protect individual directories.

RSA_CHECK_PHANTOM_ENTRIES=0

[website.org]

URLName1=/;0

URLName2=/secureid;9

 

'There is a Phantom entry in RSAWebAgent.INI, Please remove "URLNAME2=/secureid;9" from INI.'

0 Likes
Reply
MartinZ
Beginner
Beginner
In response to JoeEdwards
‎2016-08-26 02:59 AM

I reviewed few installations. The only one working is using this package:

WebAgent_71_Apache22_RHEL5_64_128_01201414.zip

obtained in february 2015. I know that in much older installations it always worked.

 

I went through shell scripts and .so files, there is nothing preventing URL enumeration. However, in (most likey) librsawa_apache.so, there is RSAWebagent config parser routine that somehow forgets to increase some counter in "URLName" directive parsing. 

 

Thus, it is pure software bug. I am not in position to open a case on RSA. 

[Just to add fun: after upgrading libxml2 (critical patch) I can not get through authentication page anymore. It repeats successful authentication to eternity.]

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.