Bug ID 1026961

Bug Tracker
ID 1026961

Bug ID 1026961: OTP Verify missing UI parameters when using with PRP

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
16.0.1.1, 16.0.1.2

Opened: Jun 17, 2021

Severity: 3-Major

Symptoms

When using "OTP Verify" agent with Per Request Policies, OTP Source and Max Logon Attempts session variables cannot be configured using the UI.

Impact

If the configured logon page where users enter their OTP is configured to capture this token with anything different from a "password" session variable name, OTP Verify will fail.

Conditions

Using "OTP Verify" agent with Per Request Policy

Workaround

Manually edit bigip.conf from: apm policy agent otp-verify /Common/otpsub_act_otp_verify_subsession_ag { } To this new config: apm policy agent otp-verify /Common/otpsub_act_otp_verify_subsession_ag { otp-source "%{subsession.logon.last.otp}" } Where opt-source variable name matches what was set on the logon page.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips