hpr_220139
Feb 14, 2018Nimbostratus
APM/LTM 12.1: SAML IdP and SP possible in one VE?
Hi, Is it possible to run an SAML IdP and one (or better: more) SPs on one VE? I found a sentence in the doc: In a federation of BIG-IP-Systems, one BIG-IP System acts as a SAML Identity Provider and other BIG-IP systems act as SAML service providers.
Our environment isn't that demanding, so one VE-cluster could take the load easily.
The use case is as follows:
- APM 12.1.3 for SSO for resources, some of them (still) form-based, one external as SAML-SP up and running.
- On premises, we have a cluster of 3 servers running OpenExchange, offering HTTP, HTTPS, IMAP and other up and running.
- An LTM load balancer is set up for that cluster, running for the cluster above, up and running.
Now, I want to have a SAML resource on the SSO-portal for that load balancer for HTTPS. Unsuccessful so far to get that one. AND not sure if that even can be done. ;)
Any clues? Thanks in advance, HP.