F5 APM - Secure Flag Causes Post to fail

Question

I'm using a client initiated form to post a variable to Epic healthcare application. I have my credential mapping setup and it correctly reflects my username and password which I will be posting to the Epic application. The SSO mapping is also setup to map the session username / password variable to session.sso.token.last.username / password. These fields all reflect the correct value (Validated through message boxes and checking session variables).&nbsp;Variables (All correct values)&nbsp;session.sso.token.last.username = session.logon.last.username
session.sso.token.last.password = session.logon.last.password (Both Secure)When I post to the application, I get an bad password. The only way I can get it to work is to use mcget -secure and assign it to another variable ("New Variable"). Then map "New Variable" to my SSO credential field for password. If I assign the "new" variable with a secure variable (IE mcget { password } = "New Variable") and map it to SSO, it fails.&nbsp;What does marking a variable as -secure do when it posts? And no, I can't get a dump of the server because that would make this too easy.&nbsp;Code version 12.1&nbsp;

seth_cooper · Answer

Can you share your SSO config?&nbsp;
The -secure will decrypt the password and store it in plain text in the new variable.&nbsp;
-Seth&nbsp;

Forum Discussion

F5 APM - Secure Flag Causes Post to fail

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

DevCentral Connects hosts Capture the Flag!

Using ChatGPT for security and introduction of AI security

ChatGPT and security - This Week in Security Feb 18th to Feb 25th, 2023

Avoiding Common iRules Security Pitfalls

CMS causing False Positives