This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

RSA ClearTrust users receive Server Error when attempting HTTP forms-based authentication using RSA SecurID token

Article Number

000025894

Applies To

RSA ClearTrust 5.0.1
RSA ClearTrust Authorization Server (AServer)
RSA ACE/Agent
UNIX (AIX, HP-UX, Solaris)
Forms-based authentication
RSA SecurID Authentication

Issue

RSA ClearTrust users receive Server Error when attempting HTTP forms-based authentication using RSA SecurID token
RSA ClearTrust Authorization server debug log shows the following errors: "TCP: error on socket: java.io.IOException: Unable to send data to receiver."
java.io.IOException: Unable to send data to receiver.
       at sirrus.util.io.FlushingByteArrayOutputStream.checkForStreamClosure(FlushingByteArrayOutputStream.java:140)
       at sirrus.util.io.FlushingByteArrayOutputStream.write(FlushingByteArrayOutputStream.java:80)
       at java.io.DataOutputStream.writeByte(DataOutputStream.java:129)
       at sirrus.util.io.rpc.fope.ObjectNode.writeTypeToStream(ObjectNode.java:61)
       at sirrus.util.io.rpc.fope.Node.writeToStream(Node.java:42)
       at sirrus.util.io.rpc.fope.NodeFactory.convertNodeToStream(NodeFactory.java:67)
       at sirrus.util.io.rpc.RPCManager.invokeLocalProcedure(RPCManager.java:151)
       at sirrus.authserver.MuxRequestThreadPool$MuxRequestThread.serviceRequest(MuxRequestThreadPool.java:85)
       at sirrus.authserver.MuxRequestThreadPool$MuxRequestThread.run(MuxRequestThreadPool.java:142)
Examination of RSA ACE/Server logs confirms that no request was sent to the ACE/Server

Cause

The user account used to start the ClearTrust Authorization Server must have read and write access to the ACE/Agent /var/ace directory, and must have read access to the securid file in this directory. Incorrect permissions can occur if the SecurID ACE/Agent was installed as root but the ClearTrust servers run as a non-root user.

Resolution

To correct this issue, follow these steps:

1. Change the permissions of the ACE/Agent /var/ace directory on the RSA ClearTrust Authorization Server (chmod 755 /var/ace)

2. If it exists, delete the securid node secret file: /var/ace/securid

3. Using the ACE/Server Administration Console, edit the agent-host record of the ClearTrust Authorization Server; if checked, uncheck the box "Node Secret Sent"

4. Click OK to save the change

5. Restart the ClearTrust Authorization Server

6. Access a ClearTrust-protected Web resource and authenticate with SecurID

7. Verify that the /var/ace/securid file was recreated and is owned by the ClearTrust Authorization Server user account
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-13 12:56 AM
Updated by:
Administrator Administrator

Related Content

© 2022 RSA Security LLC or its affiliates. All rights reserved.