For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MrIB_64119's avatar
MrIB_64119
Icon for Nimbostratus rankNimbostratus
Sep 15, 2015

APM sso to vdi rdp sending wrong password variable

Hi. I created an vpe where a user must enter in the password field both password and pin. I extract the password and pin in 2 different variables, en use them to authenticate. that works great. But w...
BIG-IP Access Policy Manager (APM)
security
MrIB_64119's avatar
MrIB_64119
Icon for Nimbostratus rankNimbostratus
Sep 15, 2015

the session.logon.last.password is an fixed variable ? can you change that variable in the logon page ?

 

to clear again, the authentication which uses the already assigned variables like session.temp.password and session.temp.token are working. in the last step the session.temp.password is assigned at session.logon.last.password and that variable is used to succesful authenticate to radius (ad). after that the variable is nog changed anymore. so i assume this variable is used as a password variable which is send allong with the session.logon.last.username to the vmware vdi backend. but i think my assumption is wrong :-(