Webfort GetOTP and FetchOTP

View Only

Back to discussions

Expand all | Collapse all

Jump to Best Answer

1. Webfort GetOTP and FetchOTP

0 Recommend
Nikunj_Padhiyar
Posted May 19, 2018 10:32 AM

Reply Reply Privately
Can anyone explain the difference between below functions called by AFM to Webfort?

1) FetchSecAuthOTPTask
2) GetOTPTask

In FetchOTP task, Webfort is fetching the creds and giving the response the AFM.

In GetOTP task, webfort is again fetching the OTP, creating the creds and inserting it into the database and then sending the response to the AFM.

So, if GetOTP is fetching the OTP then why FetchSecAuthOTPTask is required?

Sequence of queries ran by Webfort for both the operation(in webfort debug logs):

FetchSecAuthOTPTask:

05/07/18 22:18:15.265 DEBUG TXN_NATIVE -282068112 00056170 - Query[OTPQuery_FetchRowByUser]-ID[ARWFOTP_SELECT_BY_USER]:[SELECT USERREFID, ORGNAME, DMDV, CREDID, USAGETYPE, VALIDITYSTARTDATE, VALIDITYENDDATE, DISABLESTARTDATE, DISABLEENDDATE, STRIKECOUNT, LASTSTRIKEDATE, LASTSUCCESSDATE, DATECREATED, DATEMODIFIED, NOTES, PROFILENAME, PROFILEVERSION, CREDSTATUS, USAGECOUNT, USAGECOUNTLIMIT, TRANSALGO, SUPHANDLER, PASSWORD FROM ARWFOTP WHERE ( USERREFID=? AND USAGETYPE=? )]

05/07/18 22:18:15.275 DEBUG TXN_NATIVE -282068112 00056170 - Query[ArWFIssuanceAuditLogQuery_Insert]-ID[ARWFISSUANCEAUDITLOG_INSERT]:[INSERT INTO ARWFISSUANCEAUDITLOG (DMDV, DCBN, RESPONSECODE, REASONCODE, CLIENTIPADDRESS, CALLERID, PROTOCOLID, PROTOCOLVERSION, USERAGENT, REFERRER, CLIENTSESSIONID, IP, TXNID, UDSTXNID, INSTANCENAME, OPERATIONID, LOCALE, RESPONSETIME, DATECREATED, ASSOCIATIONVERSION, ADDITIONALINFOINTERNAL, ADDITIONALINFOEXTERNAL, USERREFID, ORGNAME, USERNAME, ACTTYPE, ACTID, INUSERID, USAGETYPE, CREDID, CREDTYPE, CREDSTATUS, STRIKECOUNT, USAGECOUNT, USAGECOUNTLIMIT, VALIDITYSTARTDATE, VALIDITYENDDATE, PARAMNAME, PROFILENAME, PROFILEVERSION, NEWCREDID, PREISSUANCEEVENT, PREISSUANCEMODULENAME, PREISSUANCEMODULETYPE, PREISSUANCEEVENTRESULT, PREISSUANCEEVENTTXNID, PREISSUANCEEVENTMESSAGE, PROCISSUANCEEVENT, PROCISSUANCEMODULENAME, PROCISSUANCEMODULETYPE, PROCISSUANCEEVENTRESULT, PROCISSUANCEEVENTTXNID, PROCISSUANCEEVENTMESSAGE, POSTISSUANCEEVENT, POSTISSUANCEMODULENAME, POSTISSUANCEMODULETYPE, POSTISSUANCEEVENTRESULT, POSTISSUANCEEVENTTXNID, POSTISSUANCEEVENTMESSAGE) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)]

GetOTPTask:

05/07/18 22:18:15.444 DEBUG TXN_NATIVE -282068112 00056171 - Query[OTPQuery_FetchRowByUser]-ID[ARWFOTP_SELECT_BY_USER]:[SELECT USERREFID, ORGNAME, DMDV, CREDID, USAGETYPE, VALIDITYSTARTDATE, VALIDITYENDDATE, DISABLESTARTDATE, DISABLEENDDATE, STRIKECOUNT, LASTSTRIKEDATE, LASTSUCCESSDATE, DATECREATED, DATEMODIFIED, NOTES, PROFILENAME, PROFILEVERSION, CREDSTATUS, USAGECOUNT, USAGECOUNTLIMIT, TRANSALGO, SUPHANDLER, PASSWORD FROM ARWFOTP WHERE ( USERREFID=? AND USAGETYPE=? )]

05/07/18 22:18:15.464 DEBUG TXN_NATIVE -282068112 00056171 - Query[ArWFIssuanceCredBaseQuery_DeleteRow]-ID[TEMPLATE_ISSUANCE_DELETE_CREDENTIAL_BY_USER]:[DELETE FROM ARWFOTP WHERE ( USERREFID=? AND USAGETYPE=? )]

05/07/18 22:18:15.471 DEBUG TXN_NATIVE -282068112 00056171 - Query[OTPQuery_Insert]-ID[ARWFOTP_INSERT]:[INSERT INTO ARWFOTP ( USERREFID, ORGNAME, DMDV, CREDID, USAGETYPE, VALIDITYSTARTDATE, VALIDITYENDDATE, DISABLESTARTDATE, DISABLEENDDATE, STRIKECOUNT, LASTSTRIKEDATE, LASTSUCCESSDATE, DATECREATED, DATEMODIFIED, NOTES, PROFILENAME, PROFILEVERSION, CREDSTATUS, USAGECOUNT, USAGECOUNTLIMIT, TRANSALGO, SUPHANDLER, PASSWORD ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )]

05/07/18 22:18:15.482 DEBUG TXN_NATIVE -282068112 00056171 - Query[ArWFIssuanceAuditLogQuery_Insert]-ID[ARWFISSUANCEAUDITLOG_INSERT]:[INSERT INTO ARWFISSUANCEAUDITLOG (DMDV, DCBN, RESPONSECODE, REASONCODE, CLIENTIPADDRESS, CALLERID, PROTOCOLID, PROTOCOLVERSION, USERAGENT, REFERRER, CLIENTSESSIONID, IP, TXNID, UDSTXNID, INSTANCENAME, OPERATIONID, LOCALE, RESPONSETIME, DATECREATED, ASSOCIATIONVERSION, ADDITIONALINFOINTERNAL, ADDITIONALINFOEXTERNAL, USERREFID, ORGNAME, USERNAME, ACTTYPE, ACTID, INUSERID, USAGETYPE, CREDID, CREDTYPE, CREDSTATUS, STRIKECOUNT, USAGECOUNT, USAGECOUNTLIMIT, VALIDITYSTARTDATE, VALIDITYENDDATE, PARAMNAME, PROFILENAME, PROFILEVERSION, NEWCREDID, PREISSUANCEEVENT, PREISSUANCEMODULENAME, PREISSUANCEMODULETYPE, PREISSUANCEEVENTRESULT, PREISSUANCEEVENTTXNID, PREISSUANCEEVENTMESSAGE, PROCISSUANCEEVENT, PROCISSUANCEMODULENAME, PROCISSUANCEMODULETYPE, PROCISSUANCEEVENTRESULT, PROCISSUANCEEVENTTXNID, PROCISSUANCEEVENTMESSAGE, POSTISSUANCEEVENT, POSTISSUANCEMODULENAME, POSTISSUANCEMODULETYPE, POSTISSUANCEEVENTRESULT, POSTISSUANCEEVENTTXNID, POSTISSUANCEEVENTMESSAGE) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)]

Thanks.
2. Re: Webfort GetOTP and FetchOTP

1 Recommend
Sharanabasava Kariyappa
Posted May 23, 2018 07:38 AM

Reply Reply Privately
Please find the update below.

FetchSecAuthOTPTask : is used to fetch OTP while secondary authentication flow in case of increase auth to send OTP via SMS/EMAIL/PUSH
GetOTPTask : is used to get OTP when user doesn't have OTP credential at all like user enrollment flow

Thanks,
Sharan
3. Re: Webfort GetOTP and FetchOTP

0 Recommend
Nikunj_Padhiyar
Posted May 23, 2018 08:38 AM

Reply Reply Privately
Yes. Thanks.

I need to know why the queries of FetchSecAuthOTPTask is executed while GetOTPTask?

Thanks,
Nikunj
4. Re: Webfort GetOTP and FetchOTP
Best Answer

1 Recommend
Sharanabasava Kariyappa
Posted Jun 14, 2018 07:57 AM

Reply Reply Privately
Hi Nikunj,

Usually in secondary authentication flow where OTP authentication is required, first FetchSecAuthOTPTask is invoked to check mainly the status of OTP credential (whether it is locked, deleted or disabled) for the user. Hence you are finding the queries of FetchSecAuthOTPTask.
In case credential status it ok or not found, then GetOTPTask is invoked to create a new OTP that is sent to user by e-mail or SMS.

Thanks,
Sharan
5. Re: Webfort GetOTP and FetchOTP

0 Recommend
Nikunj_Padhiyar
Posted Jun 15, 2018 07:43 AM

Reply Reply Privately
Great! Thanks Sharan.
6. Re: Webfort GetOTP and FetchOTP

1 Recommend
Sharanabasava Kariyappa
Posted Jun 19, 2018 10:11 AM

Reply Reply Privately
KB is created for the same.
why the queries of FetchSecAuthOTPTask is executed - CA Knowledge

Thanks,
Sharan

Symantec Access Management

Webfort GetOTP and FetchOTP

Nikunj_PadhiyarMay 19, 2018 10:32 AM

Sharanabasava KariyappaMay 23, 2018 07:38 AM

Nikunj_PadhiyarMay 23, 2018 08:38 AM

Sharanabasava KariyappaJun 14, 2018 07:57 AMBest Answer

Nikunj_PadhiyarJun 15, 2018 07:43 AM

Sharanabasava KariyappaJun 19, 2018 10:11 AM

1. Webfort GetOTP and FetchOTP

2. Re: Webfort GetOTP and FetchOTP

3. Re: Webfort GetOTP and FetchOTP

4. Re: Webfort GetOTP and FetchOTP Best Answer

5. Re: Webfort GetOTP and FetchOTP

6. Re: Webfort GetOTP and FetchOTP

4. Re: Webfort GetOTP and FetchOTP
Best Answer