Hi Everyone,
I am trying to understand the source of an HTTP header ct_remote_user. The older application I'm trying to refresh for Red Hat GNU/Linux 7 generates an error when this header is not found. It is possible this is something created in our code. But "ct_" suggests this originates with ClearTrust (which I believe is the older name of RSA Access Manager).
I've searched through several of the tables in the Oracle database holding the data for our RSA Access Manager, but, no luck so far.
In the admin console I saw "Exportable Properties" could be defined for an application but again, no luck finding my Waldo (ct_remote_user).
Any pointers on this would be greatly appreciated. If I self-discover an answer I'll head back here and post an update.
Kind regards,
-Randy Galbraith
ps. Take & say safe in the wake of Covid-19!
ct_remote_user is an optional http header that can be set with the username of the authenticated user.
See the following section in the webagent.conf file for what optional http headers can be set in the request.
cleartrust.agent.exported_headers
This is an agent setting so is not present in any of the server configuration.
This header is not consumed by any RSA product but may be used in legacy applications to do single sign on from an RSA Access Manager authenticated session.