Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4
Fixed In:
12.0.0, 11.6.0 HF5, 11.5.3 HF2, 11.4.1 HF9
Opened: Nov 13, 2013 Severity: 3-Major Related Article:
K15186
SAML SP service metadata exported from APM contains elements in incorrect order which might cause it to fail to be imported by other implementations.
Import of SAML metadata with SAML IdP from BIG-IP as SP might fail.
When SAML metadata is exported from BIG-IP when it is acting as SAML Service Provider, the order of 'SingleLogoutService' and 'AssertionConsumerService' are not right.
Edit exported metadata: change the order of elements in the SPSSODescriptor so that SingleLogoutService element goes first in the sequence.
SAML metadata elements are exported in correct order.