Following an upgrade to version 4.83.6 of ERPM, RSA authentication attempts to the ERPM website fail intermittently with an error “SecurID Error: CheckUserToken failed (Error #1) – Access denied” displayed on the ERPM web site login page.
Additionally, you may notice double submissions in the RSA Authentication Server logs for the RSA user experiencing the issue.
A double submission to the RSA Authentication Server is done and thus the token is attempted as being used twice before the token code changes resulting in a SecurID error.
The resolution is a simple replacement of two ERPM web site pages and a directory.
Simply replace the LoginRSA.asp and ProcessLoginCommand.asp pages as well as the Scripts directory found in the wwwroot\PWCWeb directory on your ERPM web site server with the ones found here.
Do the same in the ERPM installation directory which is located, by default, in C:\Program Files (x86)\Lieberman\Roulette\WebInterface. This second step is necessary because this is the source file that is used to push out the website pages when you deploy or re-deploy ERPM websites. If you do not include these new files in the WebInterface directory, they will be overwritten with the old files when you re-deploy your website(s).
This issue will be corrected in the version following 4.83.6
Enterprise Random Password Manager (ERPM) 4.83.6
Random Password Manager (RPM) 4.83.6