Bug ID 466877: When BIG-IP is used as SAML SP, signatures created by IBM Tivoli Federated Identity Manager may fail validation

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM, PEM(all modules)

Known Affected Versions:
11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.1 HF5, 11.4.1 HF6

Opened: Jun 12, 2014
Severity: 3-Major
Related AskF5 Article:
K16774

Symptoms

Signature validation fails when received signed assertion is generated by IBM Tivoli Federated Identity Manager.

Impact

Issue impacts SSO, users cannot login with SAML.

Conditions

This issue occurs when the BIG-IP system is configured as SP and received assertion is signed.

Workaround

This issue has no workaround at this time.

Fix Information

Issue with signature validation is fixed.

Behavior Change