Symantec Access Management

Observations found for CA AA 9.0 (AFM) 

09-13-2017 05:30 AM

  • Primary authentication is OTP_SMS/OTP_EMAIL/PUSH_AUTH and Risk (POST-Auth), with secondary options: QNA, Mobile_OTP


Observation: OTP (SMS/EMAIL) has been promoted to primary authentication, and internally auth-mechanism is set to OTP_EMAIL/OTP_SMS/PUSH_AUTH. auth-mechanism is also needed for secondary authentication, but because it was already set and was not set back to null, it is overwritten with the old value, which causes the error.

Solution: After OTP_SMS/OTP_EMAIL/PUSH_AUTH authentication, auth-mechanism should be set to null in the state-data.
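
The stale-value problem described above, as an added Java sketch that is not AFM code. The state map, the method names and the rule that a value already in state-data wins over the new selection are assumptions for illustration; only the mechanism names and the set-to-null fix come from the post.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Set;

public class StateDataResetDemo {
    // Hypothetical key; the post calls the field "auth-mechanism".
    static final String AUTH_MECHANISM = "auth-mechanism";
    // Secondary options taken from the first scenario in the post.
    static final Set<String> SECONDARY = Set.of("QNA", "Mobile_OTP");

    /** Primary step: records the mechanism in use and optionally clears it afterwards. */
    static void completePrimary(Map<String, String> state, String mechanism, boolean clearAfter) {
        state.put(AUTH_MECHANISM, mechanism);
        // ... primary credential verification would happen here ...
        if (clearAfter) {
            state.put(AUTH_MECHANISM, null); // the fix described in the post
        }
    }

    /** Secondary step (assumed behaviour): a value already in state-data wins. */
    static String startSecondary(Map<String, String> state, String selected) {
        String mechanism = state.get(AUTH_MECHANISM);
        if (mechanism == null) {
            mechanism = selected;
            state.put(AUTH_MECHANISM, mechanism);
        }
        if (!SECONDARY.contains(mechanism)) {
            throw new IllegalStateException("not a secondary mechanism: " + mechanism);
        }
        return mechanism;
    }

    public static void main(String[] args) {
        // Run the same flow without and with the reset after primary authentication.
        for (boolean clearAfter : new boolean[] {false, true}) {
            Map<String, String> state = new HashMap<>();
            completePrimary(state, "OTP_SMS", clearAfter);
            try {
                System.out.println("clearAfter=" + clearAfter + " -> secondary uses "
                        + startSecondary(state, "QNA"));
            } catch (IllegalStateException e) {
                System.out.println("clearAfter=" + clearAfter + " -> error: " + e.getMessage());
            }
        }
    }
}
```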

  • Mobile OTP is chosen as secondary authentication for Risk


Observation: The Mobile OTP authentication page is shown with the FYP and Roaming (Download, only for TOTP) links, but it should not show these options for secondary authentication.

Solution: A check should be added so that the FYP and Roaming (TOTP) options are displayed only if the authentication module is Primary.

  • Risk only is selected (no primary authentication) (customized flow for customer); secondary authentications are Mobile OTP, QNA, Server OTP


Observation: Secondary authentications are not considered and decide migration is not processed, which impacts secondary authentication.

Solution: A risk-assessment true check should be added in master.jsp for the case where a single authentication module is selected and that module is Risk.

  • Mobile OTP only is chosen as primary authentication, with no risk


Observation: For the Roaming (TOTP) and FYP flows, after the user is provisioned with Mobile OTP on a new mobile (Roaming) or has reset to a new PIN (FYP), the flow does not show the authentication page; it lets the user through and goes to the success page.

Solution: The user should be sent back to the authentication page after roaming or resetting the Mobile OTP credential.
