|Applies To||RSA Access Manager 6.1.4 (SP4)|
RSA Access Manager 6.2 (AxM)
Oracle SQL Server
Microsoft SQL Server
|Issue||RSA Access Manager returns different results when using mixed case usernames|
A Runtime API call to get user properties may return different results depending on the case of the username passed in the authenticate call. The aserver may incorrectly return a previously cached result.
The aserver debug output shows an upper case (or a mixed case) value for U.NAME in the following query. The query should use a normalized lower case value.
13:07:09:711 [*] [pool-14-thread-1] - getUser:SQL <SELECT U.CONFIG_ADMIN,U.AUDIT_ADMIN,U.DESCRIPTION,U.INACTIVE_DATE,U.BEGIN_DATE,U.CREATION_DATE,U.DN,U.EMAIL,U.LAST_NAME,U.FIRST_NAME,U.NAME,U.ADMIN_LOCKOUT,U.SUPER_HELP_DESK,U.SUPER_USER,U.PUBLIC_STATE,U.ADMIN_GROUP_ID,U.ID,P.FAILED_COUNT,P.LOCKOUT_EXPIRATION,P.EXPIRATION_DATE,P.PASSWORD_CREATION_DATE,P.LAST_RESET,P.EXPIRATION_STATUS,P.OVERRIDE_POLICY,P.DCP_PASSWORD,P.PASSWORD,PR.PROPERTY_DEF_ID,PR.BOOLEAN_VALUE,PR.DATE_VALUE,PR.FLOAT_VALUE,PR.INT_VALUE, PR.STRING_VALUE FROM PASSWORD P JOIN USERS U ON U.ID=P.USER_ID LEFT OUTER JOIN USER_PROPERTY PR ON U.ID=PR.USER_ID WHERE (U.NAME = 'TESTUSER') ORDER BY NAME >
User properties are not being flushed correctly from the cache resulting in old values being returned.
|Cause||This issue may occur when an SQL datastore is used and a mixed case username with different case is used on subsequent authentication requests. This issue persists for 5 minutes until the cache TTL expires. The following example demonstrates the failure. |
This issue occurs because in some instances the DN value is not normalized before creating the cache entry.
This issue has been resolved in hotfix 18.104.22.168 for RSA Access Manager 6.2. Contact RSA Customer Support and request this hotfix or the latest cumulative hotfix for your platform.
This issue has been resolved in hotfix 22.214.171.124 for RSA Access Manger 6.1.4 (SP4). Contact RSA Customer Support and request this hotfix or the latest cumulative hotfix for your platform.
|Legacy Article ID||a63061|