Forum Discussion

chamindak_11539's avatar
chamindak_11539
Icon for Nimbostratus rankNimbostratus
Jul 31, 2014

APM redirection while preserving SSO

Hello all,

 

I'm having problems trying to redirect a APM session to a different APM VIP while preserving SSO.

 

I'm trying to do a APM policy to achieve the following:

 

[Login] -> [LDAP Auth] -> [SSO Map] -> [LDAP Query Attribute A] ->

 

Branch 1: Allow to resource, default pool Branch 2: Redirect to a VIP that is configured on the VPN, keep the session open.

 

The idea is if branch 2 is selected the user will be directed to a different application that has a APM policy on the same box. Because the user is already logged in and the SSO is setup, the user should be automatically logged into the redirected APM VIP App.

 

I'm using the redirect option on the VPE "Endings", simply using the URL.

 

When testing, upon hitting the redirect, the APM log for the session stops, I expected it to continue on the new session. The web page is redirected to a f5 APM page that mentions "policy is being processed for the session, and if this is a new tab close it".

 

Am I missing the logic here of redirection and SSO? Should this be done differently?

 

Any suggestions are much appreciated.

 

Thanks all!

 

APM
deployment
design
security
SSO

2 Replies

Sort By
  • Arnaud_Lemaire's avatar
    Arnaud_Lemaire
    Icon for Employee rankEmployee
    Jul 31, 2014

    can you check if Multi domain SSO is something matching your use case ?

     

    http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-5-0/25.html?sr=39306981