Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0, 11.6.0 HF5
Opened: Dec 16, 2014 Severity: 2-Critical
When a user performs SAML Identity Provider (IdP)-initiated web single sign-on (Web SSO) using Artifact binding and the Artifact Resolution Service is not configured on IdP, TMM may restart.
As a result, TMM restarts.
This occurs under all of the following conditions: 1. The BIG-IP system is configured as a SAML IdP. 2. The IdP service does not have Artifact Resolution Service configured. 3. The corresponding Service Provider (SP) connector object, which is bound to the IdP, has Artifact binding configured. 4. The SAML Resource from this IdP is published on a webtop.
To work around the problem, configure an Artifact Resolution Service and assign it to the IdP object.
An issue where TMM would restart under certain conditions is now fixed.