Bug ID 468822: rule to update localdb login failure is syntactically worng.

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4

Fixed In:
12.0.0

Opened: Jun 24, 2014
Severity: 4-Minor

Symptoms

While updating localdb authentication failure, the auto-populated rule to update localdb variable was faulty hence was not updating correctly.

Impact

User may not get locked, when it is supposed to be.

Conditions

Using wrong username or password while using localdb authentication the login failure count was not getting updated. This will cause user to keep trying even when he/she was suppose to get locked out.

Workaround

Editing the rule (setup default otherwise) with corrected syntax (use spaces between the tokens) this issue can be fixed. for example "expr{[mcget{session.localdb.login_failures}]+1}" value="Login Failures" can be fixed by changing to: "expr { [mcget {session.localdb.login_failures}]+1}" value="Login Failures"

Fix Information

The auto-populated rule/expression has been corrected.

Behavior Change