BugZero | F5 BugID 1353957 - The message "Error getting auth token from login p...

F5 - Defect ID: 1353957

The message "Error getting auth token from login provider" is displayed in the GUI

F5 - Defect ID: 1353957

The message "Error getting auth token from login provider" is displayed in the GUI

Last updated on April 4th, 2025

BugZero Risk Score
7.1 High

Overall: 7.1

Severity: 7.3

Community: 4.1

Lifecycle: 7.1

What is the BugZero Risk Score?

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: 3-Major
Status: Verified
Impact Category: TMOS

Description

Symptoms

When you access GUI pages that use REST API token-based authentication, the pages fail to load with the message "Error getting auth token from login provider". You may also observe a red banner with the message: "The iApp LX sub-system is currently unresponsive." For example, accessing the policies list from the following location: iApps âºâº Application Services : Applications LX Security âºâº Application Security : Security Policies : Policies List

Impact

GUI pages that use REST API token-based authentication will not load.

Conditions

If the auth-pam-idle-timeout is other than 1200 list sys httpd auth-pam-idle-timeout sys httpd { auth-pam-idle-timeout 1200 }

Workaround

Use the following tmsh commands: tmsh modify sys httpd auth-pam-idle-timeout 1200 tmsh save sys config tmsh restart sys service httpd wait for 2 minutes Delete cookies from /var/run/pamcache rm -f /var/run/pamcache/* Users authenticated in the TMUI will log out automatically. After logging back in, TMUI pages should load properly. for VIPRION tmsh modify sys httpd auth-pam-idle-timeout 1200 tmsh save sys config clsh tmsh restart sys service httpd wait for 2 minutes Edit csyncd settigs prevent old cookies sync from other blade. clsh "cp /etc/csyncd.conf /etc/csyncd.conf.$(date +%Y%m%d_%H%M%S)" clsh "sed -i '/run\/pamcache/,+2s/^/#/' /etc/csyncd.conf" clsh "bigstart restart csyncd" Delete cookies from /var/run/pamcache clsh rm -f /var/run/pamcache/* Revert csyncd settigs. clsh "sed -i '/run\/pamcache/,+2s/^#//' /etc/csyncd.conf" clsh "bigstart restart csyncd" Note: Modifying the auth-pam-idle-timeout value will sync between devices in a sync-failover device group, but the workaround steps above must be performed on each device individually.

Fix Information

Restjavad layer modified to accommodate idle timeout values other than 1200

Behavior Change

Sys httpd auth-pam-idle-timeout cannot be configured larger than 86400

Change history

2025-03-22 Added: 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1

Links

Original Vendor Announcement

Relevant Products

Click on a version to see all relevant bugs

Affected versions:15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Fixed versions: No known fixed versions

Top F5 Defects by Risk Score

No bugs this month

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

F5 - Defect ID: 1353957

The message "Error getting auth token from login provider" is displayed in the GUI

F5 - Defect ID: 1353957

The message "Error getting auth token from login provider" is displayed in the GUI

Last updated on April 4th, 2025

BugZero Risk Score7.1 High

Bug Details

Symptoms

Impact

Conditions

Workaround

Fix Information

Behavior Change

Links

Top F5 Defects by Risk Score

Ready to prevent the next vendor outage?

BugZero Risk Score
7.1 High