Manual Chapter : About RSA SecurID

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.1, 15.0.0
Manual Chapter

About RSA SecurID

An RSA SecurID action authenticates a user name and PIN code or token against a SecurID server. In an access policy, an authentication action typically follows a logon action that collects credentials. An RSA SecurID action provides these configuration elements and options:
AAA Server
Specifies the RSA SecurID server; servers are defined in the
Access
Authentication
area of the Configuration utility.
Show Extended Error
When enabled, causes comprehensive error messages generated by the authentication server to display on the user's logon page. This setting is intended only for use in testing, in a production or debugging environment. If enabled in a live environment, your system might be vulnerable to malicious attacks. (When disabled, displays non-comprehensive error messages generated by the authentication server on the user's logon page.)
Max Logon Attempts Allowed
Specifies the number of user authentication logon attempts to allow. A complete logon and password challenge and response is considered as one attempt.
For a per-request policy subroutine, equivalent functionality is supported through subroutine settings.
Username Source
Specifies the session variable name from which RSA SecurID Auth agent should read the username. The default value is
%{session.logon.last.username}
.
Password Source
Specifies the session variable name from which RSA SecurID Auth agent should read the password. The default value is
%{session.logon.last.password}
.