Bug ID 928289: Retry Authentication link for OAuth is not shown in locked mode client when non-OAuth APM redirects to OAuth-configured APM via access policy.

Last Modified: Sep 13, 2023

Affected Product(s):
APM-Clients APM(all modules)

Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4

Opened: Jul 17, 2020

Severity: 3-Major

Symptoms

The 'Click here to retry authentication' link is not shown in the Edge Client UI when the default web browser is opened for OAuth login.

Impact

-- The 'Click here to retry authentication' link is not shown in the Edge Client UI when the default web browser is opened for OAuth login. -- If the APM client end user closes the web browser with the OAuth logon page, there is no way for that user to trigger the OAuth login again from the Edge Client. -- APM client end user cannot connect to the VPN, as the access policy is not being executed.

Conditions

-- Two virtual servers, one configured without OAuth settings and other configured with OAuth settings in the connectivity profile. -- Access policy with redirect ending on the first virtual server (no OAuth settings), redirecting to the 2nd virtual server (OAuth settings). -- Always connected/Locked mode in Edge Client. -- Edge Client connects to the virtual server without OAuth configured.

Workaround

Although there is no workaround in the Edge Client itself, the APM client end user can sign out of the Microsoft Windows logon session and sign back in. This starts a new instance of Edge Client, and the logon sequence will be run again.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips