This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

How to bypass RSA SecurID multiple domain authentication page

Article Number

000018342

Applies To

RSA ACE/Agent 4.4 for Windows NT (no longer supported as of 3-3-2003)
RSA ACE/Server
UNIX (AIX, HP-UX, Solaris)
Microsoft Windows
The purpose of the multidom.htm page is to set the cookies for the different domains listed in the multiple domain support. This is done by the ok.jpg image. The multidom.htm will come up with all domains listed. If the connection was made to that server at the specific URL for setting that cookie, the ok.jpg image, ?OK?, is displayed on that line. If the connection was not made and the cookie cannot be set, the denied.jpg image, ?Denied?, will appear on that line.

NOTE: RSA does not recommend that customers remove the multidom.htm page because users will not know if the domain cookies loaded properly or not.  However, if customers want to remove this HTML page, they can write Java script to eliminate the need for the HTML page (whether the domain cookies loaded successfully or not) and automatically send the user to the next URL.

The danger in this is that the end user would not see the ?Denied? image if the connection is unsuccessful. Administrators have to weigh this against the benefits of not seeing the page at all. It is for this reason that RSA recommends the original multidom.htm page be backed up. It could be put back in place for the purposes of troubleshooting, if necessary.

Issue

How to bypass RSA SecurID multiple domain authentication page

Cause

Multiple domain support is enabled when administrators want to have users access multiple servers in different domains without being RSA SecurID-challenged for each new connection. Once successfully RSA SecurID-authenticated to one domain, users receive cookies for all domains specified in the multiple domain support. When multiple domain support is enabled, the end user sees the multidom.htm page. They are then required to click on the Continue link in order to get the originally specified page.  Some administrators may want to remove the need for users to click Continue because it can be confusing to users.

Resolution

The multidom.htm page cannot be omitted, but administrators can modify it so that it will appear and disappear without user intervention. The end user would see the page flash by and would be automatically re-directed to the originally specified page.

To make these modifications, follow these instructions.


Original multi-dom.htm:

Location \winnt\system32\aceclnt
The original page has the following coding:

<script language=JavaScript>
<!--
function check_popup()
{
        if (window.name == "SecurIDPopup") {
                alert('Authentication successful');
                window.close();
        }
}
//-->
</script>


Modified multi-dom.htm:

Modifications can be made to the file so that it appears and immediately disappears. The coding below should be put in place of that noted above.

<script language=JavaScript>
<!--
function check_popup()
{
        if (window.name == "SecurIDPopup") {
                alert('Authentication successful');
                window.close();
        }
        else {
                document.location = document.links[0].href;        }
}
//-->
</script>
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-13 03:49 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.