After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs
After upgrading from PeopleTools 8.59.09 to 8.61.11 F5 APM is not rewriting all the internal urls for PeopleSoft Portal Application that also has Home page tiles from HRMS 9.2. Clicking on these tiles takes us to Internal URL instead of F5 externally resolvable url. How to troubleshoot this. I have a case opened with F5 support, but interested in any one else using F5 APM for peoplesoft and seeing similar error.
How to configure PeopleSoft to use SAML with F5 APM and ADFS
Hi Team, We have a client using PeopleSoft 8.5.7 and it required SAML authentication. We have utilised F5 APM as a service provider and ADFS servers as a SP connector. The question is what parameter F5 APM sending to the People Soft in order to authenticate with ADFS servers? what configuration need on People Soft? You help would be highly appreciated. Cheers, Parham
Mitigate TokenChpoken attack on PeopleSoft
Problem this snippet solves: The TokenChpoken attack, which affects systems that use Single Sign-On (SSO), is possible because an authentication cookie (PS_TOKEN) used by PeopleSoft applications can be forged. The PS_TOKEN cookie is generated when a user first signs in to a PeopleSoft application. When users log in to a different server, the browser sends this cookie for authentication so that the user doesn’t have to enter his/her credentials again. The complete description of the attack can be found here : https://erpscan.com/press-center/blog/peoplesoft-security-part-3-peoplesoft-sso-tokenchpoken-attack/ How to use this snippet: insert the code example in the Virtual Server that publish the PeopleSoft application. External links Github : https://github.com/e-XpertSolutions/f5 Code : when RULE_INIT { set cookieToken "PS_TOKEN" # to be changed prior to any publishing set passphrase "hEuoYjmFUpB4PcpO3bUdQtLP4ic7jjm" } when HTTP_RESPONSE { if { [HTTP::cookie exists $cookieToken ] } { HTTP::cookie encrypt $cookieToken $passphrase } } when HTTP_REQUEST { if { [HTTP::cookie exists $cookieToken ] } { set decrypted [HTTP::cookie decrypt $cookieToken $passphrase] if { ($decrypted eq "") } { # Cookie wasn't encrypted, delete it HTTP::cookie remove $cookieToken } } } Tested this on version: 11.5
