F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

tjp's avatar
tjp
Icon for Nimbostratus rankNimbostratus
Feb 26, 2015

APM redirect to /my.policy stripping POST data

I have a condition where an unauthenticated user sends a POST request to a F5 virtual server running Access Policy. As part of the authentication process, the F5 redirects the original POST to /my.po...
BIG-IP Access Policy Manager (APM)
security
Andy_Turner's avatar
Andy_Turner
Icon for Nimbostratus rankNimbostratus
Oct 29, 2015
I have this exact same issue with our Shibboleth IdP. The SAMLRequest is in the POST data section of the HTTP request prior to redirect and log in to APM. After log in to APM, it's gone. Users who already have an APM session prior to visiting the SAML protected site get in fine since the POST data is never stripped. Has anyone managed to fix this or found a workaround that still uses the POST data e.g. capturing it pre APM page and injecting it back in afterwards? I've just raised a support call anyway to try and get a resolution.