Forum Discussion
Kumarchamp
Nimbostratus
NimbostratusAPM SSO re-authenticates after Inactivity timeout 900 seconds.
Hello All,
I am a newbie to F5 and kindly bear with me if my queries are basics in F5. But I did googled a lot before posting this.
We have two applications A & B with same domain cookie ab...
Stanislas_Piro2
Cumulonimbus
CumulonimbusI think your need is SAML...
a SAML IdP server (Not F5 APM, search for shibboleth) which authenticate users for 24h a SAML SP server (F5 APM) which redirect users to IdP sever if session is not present.
If IdP server receive a request for an existing user session, it will redirect user to the APM with the SAML assertion allowing APM to create a session seamlessly.
This allow you to manage user authentication timeout on IdP to 24h and on SP to 900 seconds...
The only one limitation is APM does not know user password, NTLM SSO is not available in this case and must be replace by Kerberos Contraint Delegation (Kerberos SSO)
