I see that we have new authentication method as SecurID_Proxy available as authentication method for both SC and SSC. Is there any documentation around this ?
AM Version - AM 8.4 P12
Accepted Solutions
Hi,
This was an old feature that was never fully implemented, so was later hidden from the interface. The idea was a method to access the Security Console or Self Service console by an authentication request proxied to another Authentication Manager agent for validation in that remote Authentication Manager database.
If this method was included, the thought was that AM would call a client to another AM to authenticate to the console...whereas SecurID_Native = Local validation of SecurID.
What is the upgrade history ? 6.1 ---> 7.1 ---> 8.1 --->...perhaps ?
That looks like a bug, as securid_proxy was removed from the interface, and should not be visible.
Though still is in the database from earlier versions. Perhaps there was a migration and the enable flag
was set to true....[you might need to open a support case to resolve this].
Here is the db info on that from my 8.4.0.13.0 Primary.
I have no Securid_proxy on in the Security Console for auth methods yet it is in the database.
As a test I went in my db and set the enabled flag for Proxy to true and logged off logged back into Security Console and now I see SecurID_proxy as an option.
update rsa_rep.IMS_AUTHN_METHOD set enable_flag = true where method_name like '%Proxy%';
As a fix/workaround it just needs to be hidden, and you might set the flag to false. Make a database backup before proceeding.
update rsa_rep.IMS_AUTHN_METHOD set enable_flag = false where method_name like '%Proxy%';
Then restart** the AM servers.
** I found setting to true, logoff/login showed SecurID_Proxy immediately, but when setting to false, I needed a restart to show the change and removal of the SecurID_Proxy option in the web interface.
Hi,
This was an old feature that was never fully implemented, so was later hidden from the interface. The idea was a method to access the Security Console or Self Service console by an authentication request proxied to another Authentication Manager agent for validation in that remote Authentication Manager database.
If this method was included, the thought was that AM would call a client to another AM to authenticate to the console...whereas SecurID_Native = Local validation of SecurID.
What is the upgrade history ? 6.1 ---> 7.1 ---> 8.1 --->...perhaps ?
That looks like a bug, as securid_proxy was removed from the interface, and should not be visible.
Though still is in the database from earlier versions. Perhaps there was a migration and the enable flag
was set to true....[you might need to open a support case to resolve this].
Here is the db info on that from my 8.4.0.13.0 Primary.
I have no Securid_proxy on in the Security Console for auth methods yet it is in the database.
As a test I went in my db and set the enabled flag for Proxy to true and logged off logged back into Security Console and now I see SecurID_proxy as an option.
update rsa_rep.IMS_AUTHN_METHOD set enable_flag = true where method_name like '%Proxy%';
As a fix/workaround it just needs to be hidden, and you might set the flag to false. Make a database backup before proceeding.
update rsa_rep.IMS_AUTHN_METHOD set enable_flag = false where method_name like '%Proxy%';
Then restart** the AM servers.
** I found setting to true, logoff/login showed SecurID_Proxy immediately, but when setting to false, I needed a restart to show the change and removal of the SecurID_Proxy option in the web interface.
