Last Modified: Jan 07, 2020
See more info
Known Affected Versions:
15.0.0, 15.0.1, 18.104.22.168
Opened: Sep 19, 2018
Password-based single sign-on (SSO) methods (such as HTTP basic, NTLM, Form Based) may not work because the OTP Generate agent overwrites the session.logon.last.password session variable with the one-time password.
Some SSO methods may not work as expected.
Access policy contains 'OTP Generate' agent and the Access Profile has an assigned SSO method.
1. Use a 'Variable Assign' agent to store the APM end user's password in a temporary session variable. 2. Use that as the source in the SSO credential mapping agent.
This release adds an 'OTP Source' field in the v1 (per-session) OTP verify agent.