Bug ID 682671: The username is updated in the alert dashboard even if login validation fails.

Last Modified: Dec 20, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP FPS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Sep 11, 2017
Severity: 3-Major

Symptoms

The username is updated in the alert dashboard even if login validation fails.

Impact

The new username will be updated in previous alerts in the alert dashboard.

Conditions

This occurs when the following conditions are met: -- 'trigger iRule' is enabled on the FPS profile. -- ANTIFRAUD::username <user> command is used in the ANTIFRAUD_LOGIN Tcl event. -- 'login validation' is enabled on the FPS profile.

Workaround

Use the ANTIFRAUD::username <user> command only if ANTIFRAUD::result is SUCCESS. Note: Reports to the risk engine will not contain the new username.

Fix Information

FPS uses the new username but does not set the username cookie. This is correct behavior.

Behavior Change