Forum Discussion
Cirrusapm ntml sso
Hi, I am publishing two share point virtual servers on the F5. both virtual servers are using different ip addresses and we identified a link one of them to access to another.both share points work active directory integrated authentication. I want to do ntlm sso between the two virtual server to deny users that forces to type their credential two times. is it possible with apm?I think that use an irule to enable policy access when user clicked the link.but I am not exactly sure it is work because I am using the share point portal login page to gain user credentials.can i gain user credential from the portal login page to work with sso ? Thanks,
3 Replies
Arnaud_LemaireEmployee
what you are looking for is multi domain SSO :
in this case, you will use a virtual url as an authentication page and the authentication will be valid for multiple virtual servers which can even be accessed on different domains (FQDN). Then you setup in you policy a traditionnal nlm sso for back end sso.
Hurricane_1983_Hi Arnaud, Thanks for the answer. Actually all app. servers are configured in the same domain.i am only wondering that can i gain users credential without creating a login page item in the access policy when users first login to the portal ? because it will be most difficult redesign the same portal page in apm. Thanks,
- Arnaud_Lemaire
you mean you don't want APM to do user's authentication, but to catch on the fly the first user auth to the backend and replay it when he goes to the second ?
you could do that with some irule matching the post to the first app logon page, but that is not elegant. is it an internal deployment ? what about doing ntlm authentication to the end user ?
