Forum Discussion
NimbostratusAuthentication access policy for intranet site / APM Module
NimbostratusThanks a lot for all your help with this question Kevin. We deployed an access policy with the help of F5 professional services from Australia. The end solution relies quite a lot of an iRule to selectively enable/disable the access policy when particular URi's are quested. I've got a basic ACL definied within the irule too. Once a user succsessfully exits the access policy, their APM attribute variables are checked for authorisation purposes. It works really well, and since we had this positive experience I've been able to utilise what I've learned about kerberos SSO to leverage the same framework for three other systems successfully. Loving the APM at the moment ;)
If anyone has any questions on this ballpark, I'd be only to happy to help/share experiences.
Microgag_61404Hi Gavin, Would you be able to share on how to configure the "Correct UPN variable" and the "LDAP Query" in detail. Also the irule that are in use. Thanks and Regards
f5learn_164388Hi Gavin We did a setup very similar to yours for the client side Kerberos part and are seeing some issues which I have documented in the link below. I got a response from a forum member regarding caching. Could you please let us know if this is what you too ran into. https://devcentral.f5.com/s/feed/0D51T00006i7dXkSAI Thanks Ski
