peoplesoft
3 Topics

Mitigate TokenChpoken attack on PeopleSoft
Problem this snippet solves:

The TokenChpoken attack, which affects systems that use Single Sign-On (SSO), is possible because an authentication cookie (PS_TOKEN) used by PeopleSoft applications can be forged. The PS_TOKEN cookie is generated when a user first signs in to a PeopleSoft application. When users log in to a different server, the browser sends this cookie for authentication so that the user doesn’t have to enter his/her credentials again.

The complete description of the attack can be found here: https://erpscan.com/press-center/blog/peoplesoft-security-part-3-peoplesoft-sso-tokenchpoken-attack/

How to use this snippet:

Insert the code example in the Virtual Server that publishes the PeopleSoft application.

External links

GitHub: https://github.com/e-XpertSolutions/f5

Code :

    when RULE_INIT {
        # static:: makes these values readable from the HTTP events below
        set static::cookieToken "PS_TOKEN"
        # to be changed prior to any publishing
        set static::passphrase "hEuoYjmFUpB4PcpO3bUdQtLP4ic7jjm"
    }

    when HTTP_RESPONSE {
        # Encrypt the PS_TOKEN cookie before it is sent to the client
        if { [HTTP::cookie exists $static::cookieToken] } {
            HTTP::cookie encrypt $static::cookieToken $static::passphrase
        }
    }

    when HTTP_REQUEST {
        if { [HTTP::cookie exists $static::cookieToken] } {
            set decrypted [HTTP::cookie decrypt $static::cookieToken $static::passphrase]
            if { $decrypted eq "" } {
                # Cookie wasn't encrypted, delete it
                HTTP::cookie remove $static::cookieToken
            }
        }
    }

Tested this on version: 11.5

How to configure PeopleSoft to use SAML with F5 APM and ADFS
Hi Team,

We have a client using PeopleSoft 8.5.7 and it required SAML authentication. We have utilised F5 APM as a service provider and ADFS servers as an SP connector. The question is: what parameters is F5 APM sending to PeopleSoft in order to authenticate with the ADFS servers? What configuration is needed on PeopleSoft?

Your help would be highly appreciated.

Cheers,
Parham