Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
15.1.0
Opened: Sep 19, 2018 Severity: 4-Minor
Password-based single sign-on (SSO) methods (such as HTTP basic, NTLM, Form Based) may not work because the OTP Generate agent overwrites the session.logon.last.password session variable with the one-time password.
Some SSO methods may not work as expected.
Access policy contains 'OTP Generate' agent and the Access Profile has an assigned SSO method.
1. Use a 'Variable Assign' agent to store the APM end user's password in a temporary session variable. 2. Use that as the source in the SSO credential mapping agent.
This release adds an 'OTP Source' field in the v1 (per-session) OTP verify agent.