Environment
NetIQ SecureLogin
Advanced Aathentication Framework (formerly NAAF)
AAF 5.3
AAF 5.4
NSL 8.1.1.1
Built in Lenovo fingerprint reader
SecureLogin configured to ask for re-authentication with FingerPrint when application launches
Situation
Re-authentication doesn't work with NSL 8.1.1 and NAAF 5.3 or 5.4
NSL prompts for finger print as expected, but Authentication fails in AAF
Reauthentication with LDAP password works, fails with fingerprint
AAVerify in NSL 8.1.1.1 fails with AAF
Resolution
Reported to engineering.
Cause
Fingerprint readers can return two types of templates: raw or ISO. NSL 8.1.1 has a problem with the ISO template. AA and NSL development teams are working on a fix.
Additional Information
Note:
Advanced Authentication 5.4 was not tested with NSL 8.1.1, and is not supported on 81.1.1. NSL 8.1.1 was released long before AAF 5.4. Official NSL support for NAAF 5.4 is scheduled for NSL 8.5.