Forum Discussion
NimbostratusAPM single-sign on with multiple LTMs
Is it possible to use APM for single-sign on across multiple LTMS? We have a Sharepoint virtual server on one guest on a 10200 and another Sharepoint virtual server on a second guest. Is it possible for a user to be signed into one virtual server on guest A and then click a link to access a virtual server on guest B while remaining logged in? The developers want to prevent the user from signing in twice. This is across two different domains.
Thanks.
3 Replies
Michael_JenkinsCirrostratus
I hope someone else will be able to answer more definitively, but since they're on different domains, and different LTM's, you may want to look into setting up the secondary with SAML authentication, and the APM as an SP (service provider) to the primary as an IdP (Identity provider). Not the prettiest (or easiest) setup, but if there's no other way, it could be an option.
- Michael_Jenkins
Another option to look at would be the ShareAccessCookies wiki article. Not sure if it will work across different LTMs though.
- boneyard
MVP
multi domain won't be an issue i think, but multiple BIG-IPs will break it.
the other BIG-IP won't have any session active when the request the cookie arrives. you can now sync sessions within a device group, but that is just 2 APMs max.
so in the end im afraid this won't work.
