Bug ID 1113661: When OAuth profile is attached to access policy, iRule event in VPE breaks the evaluation

Last Modified: Nov 29, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2

Opened: Jun 11, 2022
Severity: 3-Major

Symptoms

After upgrading to 16.1.2.1, the OAuth configuration does not work anymore. Based on the below observations, an internal redirect to /renderer/agent_irule_event_form.eui is initiated but it is not processed, so the ACCESS_POLICY_AGENT_EVENT event is never fired. Observations: Following are the results from in-house troubleshooting: Test 1: Access Policy evaluation works with a standard Access Profile, clientless mode set with iRule, and an iRule event. Test 2: Access Policy evaluation fails with a standard Access Profile but an OAuth profile attached to access policy (clientless mode to be set automatically) and an iRule event.

Impact

ACCESS_POLICY_AGENT_EVENT event is never fired

Conditions

As soon as the iRule event is removed from VPE in Test 2, the access policy evaluation works fine.

Workaround

None

Fix Information

None

Behavior Change