Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.4.0, 11.4.1, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0
Opened: Oct 29, 2013 Severity: 3-Major
BIG-IP as Service Provider (SP) and BIG-IP as Identity Provider (IdP) do not accept anything except a full URL for EntityId.
Cannot support IdP or SP that expects a numerical value for EntityId.
BIG-IP as SP and IdP.
There is no work around.
The BIG-IP system, when configured as a SAML Service Provider (SP), now supports numerical values as part of EntityId. Metadata export still works, but the resulting XML must be edited to replace the number with a proper URL for the Assertion Consumer Service URL. You must edit the XML before exporting it to other Identity Providers (IdPs).