Forum Discussion
Added Internal site on F5 Webtop, now it mixes user accounts
diamond , I need some details 🙂
Are you using Portal Access resource type, or Webtop Link resource type ?
If users are mixed up, it means the application is trusting an IP or HTTP element which is common between the 2 APM sessions. We need to know how the Application assign a session to a user.
It can be based on an cookie, header, or something else (tcp session).
First advice : disable "one-connect" if it is enabled.
- diamondNov 07, 2023Altostratus
Hi Matt,
I'm support technician and I can't get the info from the admins to tell you unfortunatelly.
They tell me that it has nothing to do with webtop and the site's dev also tells me it's not sites problem.
I don't know but it can be website X's fault, as it lets you login using Y's credentials and then in portal it allows to see user Z's information. (doesn't this looks like the site has vulnerability?)
I upload images for more info. As you can see, 1st image, user INGA is loged in in her portal, then she wants to open"family doctor" page to see her patients and when she opens it, the 2nd page opens and it shows user DADIANIDZE's page actually and her patients.
Does it looks like f5 webtops problem or the internal site's problem? I repeat, internal website works good with cisco anyconnect and directly. the issue is only with when the users logs in with from F5 webtop portal.
Lucas_Thompson Lucas_Thompson, thanks for your info. I hope I get proper information to the admins.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com