Forum Discussion

Cirrus

Jan 20, 2020

ADFS Proxy without password

Hello! When a SP-initiated federation is initiated and the user gets to BIGIP APM you normally use a Logon page and send their credentails to ADFS with a "forms client initiated SSO". Bu...

application delivery

BIG-IP

BIG-IP Access Policy Manager (APM)

Johan_Lång
Feb 05, 2020
I figured it out. You need to configure a new claims provider (in this case BankID) and make it available to the RPs. Then you need to make BIGIP to choose wether to use the new CP or Active directory with an iRule.

Leonardo_Souza

Cirrocumulus

Jan 24, 2020

If the iDP can't send you the password, and I understand why not, you can't use the username and password to authenticate to the internal application/service, that in this case is ADFS.

Unless you can setup ADFS as SAML SP for that external iDP, or ADFS can accept what you receive in the SAML assertion (BankID for example) for authentication, I don't see any valid option.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ADFS Proxy without password

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Password Safety & Security: Passwords vs. Passphrases

Automate scp transfers using password

Proxy Protocol v2 Initiator

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Ansible module to update BIG-IP root/admin passwords

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS