Bug ID 759640: Logon failure with Session Expired/Timeout

Last Modified: Jun 10, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4

Fixed In:
15.1.0

Opened: Feb 26, 2019
Severity: 3-Major

Symptoms

When 'Session Expired/Timeout' window popup is produced on the Logon Page via the Edge Client for macOS and then 'Start new session' link is clicked, this results in BIG-IP APM server categorizing uimode as Full Browser (0) for the new session. If your Access Policy logic has a uimode check where Full Browser mode results in no Network Access resource, logon failure can occur.

Impact

Access Policy branch logic decision-making based on uimode. On macOS, Edge Client is detected as Full Browser (uimode 0) by APM. If your Access Policy logic has a uimode check where Full Browser mode results in no Network Access resource, logon failure can occur.

Conditions

-- Logon form configured with additional fields other than username, password, and soft token fields. -- Session times out when user is in logon page.

Workaround

None.

Fix Information

On macOS, Edge Client is no longer detected as Full Browser (uimode 0) by APM.

Behavior Change