APM server SSO with SAML
I have a mobile application that can only authenticate users via SAML -- not Kerberos or trusted HTTP headers. I want to protect it behind APM, with an access policy to pre-authenticate the user before granting access to the application, like this:
Client --> [SAML] --> F5 APM --> [SAML] --> Server
I am able use APM to pre-authenticate the client with SAML. Following pre-authentication, how can I send the user's SAML claim to the server, so the user is authenticated to the application? There does not seem to be a SAML SSO.
In the absence of a SAML SSO, is there a way to "capture and replay" the user's SAML POST to the server, and then return the application authentication cookie back to the user in addition to the APM session cookie?
Thank you for your help!