Reauthentication in NSL 8.1.1.1 fails with AAF

  • Document ID:7018072
  • Creation Date:19-Sep-2016
  • Modified Date:11-Oct-2016
    • Micro Focus Products:
      Advanced Authentication
      SecureLogin

Environment

NetIQ SecureLogin
Advanced Aathentication Framework  (formerly NAAF)
AAF 5.3
AAF 5.4
NSL 8.1.1.1
Built in Lenovo fingerprint reader
SecureLogin configured to ask for re-authentication with FingerPrint when application launches

Situation

Re-authentication doesn't work with NSL 8.1.1 and NAAF 5.3 or 5.4
NSL prompts for finger print as expected, but Authentication fails in AAF
Reauthentication with LDAP password works, fails with fingerprint
AAVerify in NSL 8.1.1.1 fails with AAF

Resolution

Reported to engineering.  

Cause

Fingerprint readers can return two types of templates: raw or ISO.   NSL 8.1.1 has a problem with the ISO template.  AA and NSL development teams are working on a fix.

 

Additional Information

Note:
Advanced Authentication 5.4 was not tested with NSL 8.1.1, and is not supported on 81.1.1.  NSL 8.1.1 was released long before AAF 5.4.   Official NSL support for NAAF 5.4 is scheduled for NSL 8.5.