Reauthentication in NSL 8.1.1.1 fails with AAF

  • 7018072
  • 19-Sep-2016
  • 11-Oct-2016

Environment

NetIQ SecureLogin
Advanced Aathentication Framework  (formerly NAAF)
AAF 5.3
AAF 5.4
NSL 8.1.1.1
Built in Lenovo fingerprint reader
SecureLogin configured to ask for re-authentication with FingerPrint when application launches

Situation

Re-authentication doesn't work with NSL 8.1.1 and NAAF 5.3 or 5.4
NSL prompts for finger print as expected, but Authentication fails in AAF
Reauthentication with LDAP password works, fails with fingerprint
AAVerify in NSL 8.1.1.1 fails with AAF

Resolution

Reported to engineering.  

Cause

Fingerprint readers can return two types of templates: raw or ISO.   NSL 8.1.1 has a problem with the ISO template.  AA and NSL development teams are working on a fix.

 

Additional Information

Note:
Advanced Authentication 5.4 was not tested with NSL 8.1.1, and is not supported on 81.1.1.  NSL 8.1.1 was released long before AAF 5.4.   Official NSL support for NAAF 5.4 is scheduled for NSL 8.5.  

Feedback service temporarily unavailable. For content questions or problems, please contact Support.