Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Opened: Oct 11, 2019 Severity: 3-Major
When the BIG-IP system contains a per-request policy and is deployed to use Client-Initiated Form-based SSO for a resource, you cannot access the resource. When the BIG-IP system is deployed as SAML-IdP, it fails to process SAML Requests/Responses.
For BIG-IP systems deployed with Client-Initiated Form-based SSO on a resource, you cannot access the resource. For BIG-IP systems deployed as SAML IdP, SAML functionality does not work.
This occurs only when per-request policy is also associated in the BIG-IP virtual server.
Do not configure the per-request policy in the virtual server.
None