AA 8.1.3 Day Light Savings related OTP Authenticatin Failures

book

Article ID: 130285

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication CA API Gateway

Issue/Introduction

CA Strong Authentication's OTP (One Time Password) Credentials fail to authenticate when Day Light Saving time adjustment occurs.

Cause

Adjustments were not being made in the code for zones that were affected by DST (Day Light Saving) adjustment to time.

Environment

CA Strong Authentication Version 8.1.x

Resolution

CA-StrongAuth-8.1.3-DE247998-Hotfix.zip should be requested from CA Strong Authentication Support and applied.

================================= Explanation of the bug that was fixed ============= 
We fetch the GMT time from DB and adjust it to local time with offset calculated. 
For example, if server time zone is IST, we do get time in GMT and adjust offset of 330 (in minutes) as there is 5 Hours and 30 hours of difference (Offset is computed incorrectly and has been corrected in the provided patch) 

Say, When the PST time is getting DST adjusted, the offset computed is not correct. In other words, we have identified a bug in the code where we are using the incorrect adjust offset when DST hits. 
========================================= ================================= 
 

Additional Information

*All versions above 8.1.3 have assimilated the fix.