Reauthentication in NSL fails with AAF

  • 7018072
  • 19-Sep-2016
  • 11-Oct-2016


NetIQ SecureLogin
Advanced Aathentication Framework  (formerly NAAF)
AAF 5.3
AAF 5.4
Built in Lenovo fingerprint reader
SecureLogin configured to ask for re-authentication with FingerPrint when application launches


Re-authentication doesn't work with NSL 8.1.1 and NAAF 5.3 or 5.4
NSL prompts for finger print as expected, but Authentication fails in AAF
Reauthentication with LDAP password works, fails with fingerprint
AAVerify in NSL fails with AAF


Reported to engineering.  


Fingerprint readers can return two types of templates: raw or ISO.   NSL 8.1.1 has a problem with the ISO template.  AA and NSL development teams are working on a fix.


Additional Information

Advanced Authentication 5.4 was not tested with NSL 8.1.1, and is not supported on 81.1.1.  NSL 8.1.1 was released long before AAF 5.4.   Official NSL support for NAAF 5.4 is scheduled for NSL 8.5.