Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.6.0, 11.6.1, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1
Fixed In:
13.0.0, 12.1.3.2, 11.6.2
Opened: Jun 25, 2016 Severity: 3-Major
When APM is configured with SAML authentication and multi-domain SSO, Internet Explorer may encounter authentication loop and never complete the access policy.
Using Internet Explorer, the client may not be unable to connect to its desired destination.
APM is configured with SAML authentication and multi-domain SSO.
Chrome and Firefox do not seem to be affected.
Use cookie for session for multi-domain if TOKEN lookup fails. Previously, the cookie was ignored for multi-domain response URI. However, with the introduction of TOKEN based session lookup, this causes a failure if the client retries the request (since the TOKEN was consumed in the request prior to the retry).