Using F5 with STS ws-federation

Question

Hi all&nbsp;
I have a couple systems behind an F5 that I'm looking at using Single Sign On.  I'm unsure exactly what I need to get this working.&nbsp;
One system can use Forms Authentication or Claims (ws-federation).  The other system can use Forms or Basic Authentication.  I believe it is able to make this Claims aware - not sure what work would be involved?&nbsp;
The F5 is running v12.0 so I believe this now supports ws-federation - is this correct?&nbsp;
To support SAML / STS through the F5 how should the F5 be configured?  Is the limited APM module enough?  Is the F5 the STS server in this scearneo?&nbsp;
Thanks&nbsp;

michaelatf5 · Answer

For the easiest solution, basically, you are going to need ADFS.  &nbsp;
APM does not support WS-Fed or SAML 1.1, and STS doesn't support SAML 2.0 out of the box.  &nbsp;
I wrote a solution using the STS and Component Space SAML libraries, which was pretty simple, but if you aren't interested in going that route, ADFS is your best bet.&nbsp;

Forum Discussion

Using F5 with STS ws-federation

1 Reply

Recent Discussions

iControl for Gtm wideip

Telemetry streaming to Elasticsearch

Portal Access to HTTPS resources slow

Provisioning r2600 equipment

Could not connect to SMTP host.

Related Content

Automate scp transfers using password

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Enhance your Application Security using Client-side signals

Power of tmsh commands using Ansible

SSL Orchestrator Advanced Use Cases: DNS Sinkholing