Bug ID 636866: OAuth Client/RS secret issue with export/import

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Jan 05, 2017
Severity: 3-Major

Symptoms

When the access profile with a OAuth Client/RS agent is configured, the OAuth server objects has a client secret and/or resource server secret to be configured. When such an access profile is exported and then imported, the client secret or resource server secret may not be imported properly.

Impact

The APM OAuth client or Scope Agent may not run properly and end up in the fallback branch.

Conditions

In OAuth client/RS use case, when an access profile is configured with OAuth client or Scope Agent.

Workaround

After importing the access profile, the OAuth server object needs to be modified with the proper client secret or resource server secret.

Fix Information

Now Per-request access policies that include objects with encrypted information such as client or resource server secrets, RADIUS secrets, and the like are imported and exported correctly.

Behavior Change