Forum Discussion

Dor's avatar
Dor
Icon for Nimbostratus rankNimbostratus
Nov 16, 2020

publish PROD and DEV through ASM

hey,

 

i have 2 environment, prod and dev for some app. the customer is using the same URLs for each, and accessing DEV by changing the HOSTs file on the computer.

i have configured the PROD env to be published via ASM, and authentication is done using SAML by APM.

traffic of the app cannot pass the APM since the app uses "CORES" which is not supported by APM.

i was wondering if i can do some manipulation on the traffic and maybe to change the pool associated with the session

 

for example something like this:

1) user authenticate to the APM via SAML

2) the user will get some cookie

3) the ASM will choose the relevant pool according to the cookie

 

thanks

4 Replies

  • Hello Dor,

     

    What does "CORES" mean?

    AFAIU, you have the problem with passing traffic though APM and not ASM. Am I wrong?

    If this is so, then this is APM related problem only, because APM gets traffic before ASM.

     

    Thanks, Ivan

  • Dor's avatar
    Dor
    Icon for Nimbostratus rankNimbostratus

    hey,

     

    CORES is a browser security feature, it allows the app to send headers that instruct some security aspects that the browser should take on the presented web page

    it seams that it is not supported on the APM module. to overcome this we have publish the web application using ASM, and enabled SAML authentication on the APP with another VS on the F5 with APM as IDP

    • CORS... got you.

      So, it looks like you have a problem with APM only. Right?... and it looks like you resolved it by involving another VS. Am I right or you still have some problem?

       

      Thanks, Ivan

      • Dor's avatar
        Dor
        Icon for Nimbostratus rankNimbostratus

        yes you are right....

         

        well now i have a request from the customer to allow access also to the DEV environment....

        the problem both PROD and DEV uses the same FQDNs, and they are on different server..

        i thought maybe by changing the selected POOL by some parameter i can have both of the environment published.