Forum Discussion
NimbostratusAPM - Splash Screens and SAML.
Hello. Apologies in advance, I'm very new in the APM/iRule space and wanting to learn more. I was pointed here as I was told the community are great and are open to any type of F5 questions.
Currently using APM F5 as an IDP for multiple in house application and the question was proposed to me if we can initiate a splash screen post authentication for users that may be missing a specific SAML attribute i.e. 'mobile'. In the case the SAML attribute was not present then a splash screen would be presented (I suspect through an iRule) which would have the ability to consume a mobile number of the user. I was told that F5 is unable to update ADFS so possibly a POST from the F5 to a PW manager might be the solution.
In brief; is it possible to have a splash screen appear based on a SAML attribute being present or not? if so, Can the splash screen consume data provided? Suggestions around how this would be done in the policy manager. Can the F5 update ADFS?
A big thank you in advance. Again I'm very new to this space so apologies on the generalisation of the question.
Thanks
Yann_DesmarestCirrus
Hi,
You are the master of your F5 APM policy, so basicaly, you can do whatever you wanted.
Regarding your need, you can define a new ending on your VPE that you will use when some attributes are missing. This ending can redirect the user to a specific URI handling the splash screen and a POST form embedded. When the user submit its mobile attribute, the forms can send the action to the PW manager or to a specific URI handled by the F5 device, then the bigip send a sideband request to the PW manager.
There is a lot of possibilities available. But, it will require some irule coding to make it works.
You can have a look at sideband commands within irules to integrate with your PW manager
You can have a look at ifiles concepts and their use within irule to host statixc html, js and img content.
Bye
Yann