Kuerten_772
Jan 31, 2014

APM SSO Issue

The scenario is this:

 

Application server "Liferay" F5 Big-IP APM v11.4.0

 

When using the weblogin, we are able to authenticate successfully, but the server app weblogin page remains open and displayed in the weblogin page. The SSO method used is "http form".

 

I’m seeking assistance with troubleshooting tips and/or assistance from anyone that has successfully deployed Share Plus using F5 as a user access gateway.

 

kind regards

 

5 Replies

  • Hi Bakir_abdel,

     

    Turn up your APM SSO log level from notice to debug to see additional information on why the SSO is failing. More than likely there is an element in the HTTP form that is not being represented in the APM forms SSO configuration.

     

    A good way to troubleshoot this is to install the free version of HTTPWatch and determine what data is being POSTed to the HTTP form action page and ensure the same variables are configured in the APM form SSO configuration.

     

    Hope this helps.

     

    Cody

     

  • Hi Cody,

     

    Thank you for your response. After debugging the session process I got these errors:

     

    • "Log Message checking start uri match, start uri: '/web/intranet/connexion?p_p_state=maximized&p_p_mode=view&saveLastPath=0&_58_struts_action=%2Flogin%2Flogin&p_p_id=58&p_p_lifecycle=0&_58_redirect=%2F', request: '/c/portal/login;jsessionid=06D59F913F82068C953FA442C081CF82.tomcat1?redirect=%2F&p_l_id=10505'"

       

    • "Log Message\N: no start uri match"

       

    • "Log Message metadata len 648"

    Regards

     

  • Hi,

     

    So it looks like your start URI is a little too specific. The attributes you have included in the start URI need to be sanitized for what is user specific and what is page specific.

     

    Do most of your pages use the following URL: /web/intranet/connexion?

     

    If so, you may want to use the forms - client initiated SSO method instead. This is very useful in Java applications that all use the same base URL, where the attributes included in the URL to define what the page is can vary in location/order.

     

    https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-sso-config-11-2-0/3.html

     

  • It's worked now. The problem was that my start URI is not correct.

     

    Thank you
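
A small helper for reading the debug message quoted in the thread, added here as an example (it is not part of the thread and not F5 code): it extracts the configured start URI and the request URI from the log line and lists how they differ in path and query parameters. The regular expression assumes the message layout shown above, and the code makes no claim about how APM itself performs the match.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample: the debug message quoted in the thread, as one line.
SAMPLE = ("checking start uri match, start uri: "
          "'/web/intranet/connexion?p_p_state=maximized&p_p_mode=view&saveLastPath=0"
          "&_58_struts_action=%2Flogin%2Flogin&p_p_id=58&p_p_lifecycle=0&_58_redirect=%2F', "
          "request: '/c/portal/login;jsessionid=06D59F913F82068C953FA442C081CF82.tomcat1"
          "?redirect=%2F&p_l_id=10505'")

# Assumed layout of the message, taken from the quoted log line only.
LINE_RE = re.compile(r"start uri: '(?P<start>[^']*)', request: '(?P<request>[^']*)'")


def split_uri(uri):
    """Return (path without ;parameters, {query name: [values]})."""
    parts = urlsplit(uri)
    path = parts.path.split(";", 1)[0]  # drop the ;jsessionid=... path parameter
    return path, parse_qs(parts.query, keep_blank_values=True)


def compare(log_line):
    """Diff the start URI against the request URI found in one debug message."""
    m = LINE_RE.search(log_line)
    if m is None:
        raise ValueError("not a 'checking start uri match' message")
    s_path, s_query = split_uri(m["start"])
    r_path, r_query = split_uri(m["request"])
    shared = set(s_query) & set(r_query)
    return {
        "start_path": s_path,
        "request_path": r_path,
        "path_equal": s_path == r_path,
        "only_in_start": sorted(set(s_query) - set(r_query)),
        "only_in_request": sorted(set(r_query) - set(s_query)),
        "differing_values": sorted(k for k in shared if s_query[k] != r_query[k]),
    }


if __name__ == "__main__":
    for key, value in compare(SAMPLE).items():
        print(f"{key}: {value}")
```

For the quoted message the paths already differ (`/web/intranet/connexion` against `/c/portal/login`), and none of the seven query parameters in the start URI appear in the request.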