Forum Discussion

Cirrus

Oct 19, 2015

APM multi domain SSO, incorrect timeout URL

Hi, I've set up APM with multidomain SSO. Let's say I have a site "service.mydomain.com" and a login URL "login.mydomain.com". Works fine, I go to service.mydomain.com, I don't have an APM ...

BIG-IP Access Policy Manager (APM)

security

Seth_Cooper

Employee

Oct 19, 2015

The SSO_ORIG_URI is going to be consumed by login.mydomain.com and then it is part of the session. When the session timeout hits the session is removed. When you click "start a new session" this is completely independent of the previous request/session and a new request for my.policy happens in the browser. This new request gets a new session id and has no idea about the previous SSO_ORIG_URI so it will stay on the login.mydomain.com resource.

I suggest configuring a longer timeout value if this is a problem.

Seth

Forum Discussion

APM multi domain SSO, incorrect timeout URL

Recent Discussions

Problems connecting to vpn after upgrading to ubuntu 24.04

Wildcard SSL Certificate Deployment on F5 LTM

iRule resulting in too many redirects

What happens if I only enable ASM in BIG-IP Under System > Resource Provisioning

URL

Related Content

Enriching AFM with public domain Threat Intelligence

big3d timeouts

domain blocking

api token timeout change

Change cookie domain in HTTP::respond