Forum Discussion
Thomas_Schocka1
Jun 04, 2014Altocumulus
Ok, small update, I found the thing that fixes it:
There is a session variable that is being created when the SSO has failed. This variable is sso.state=1, it is set below whatever you've put in the username source field of the SSO profile. So for me this was "session.sso.custom.username", which makes it "session.sso.custom.username.sso.state=1".
I used an iRule provided by mrrobbins in some post to detect when this variable is set to 1 and to change it back to 0 whenever it occurs.
I'm guessing this has some implications towards security because the websso fail-X-times-and-die thingy is circumvented; I'm supposing the fail-X-times-and-die was implemented for a reason.
Kind regards,
Thomas