Bug ID 501509: Logon page sets logonname and username session variables only when username field has a value

Last Modified: Mar 12, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9

Opened: Jan 17, 2015
Severity: 2-Critical

Symptoms

If username field is disabled at the logon page, then the session variables session.logon.last.username and session.logon.last.logonname are not registered.

Impact

If logonname or username is not registered as a session variable, it may cause problems for other access policy agents. Some agents, such as authentication agents, always rely on the username session variable, and other agents may rely on logonname session variable

Conditions

This happens when username is set to read-only at logon page and the corresponding field is left empty during user logon.

Workaround

None.

Fix Information

None

Behavior Change