Forum Discussion
CirrusClient Initiated SSO Help
I have the following website that i am trying to log into with form-user initiated sso configutration. I have never done this before and i was wondering if anyone can take a look at what i have. here is the site:
HTTP/1.1 200 OK Connection: Keep-Alive Content-Length: 1226 Date: Fri, 13 Mar 2015 22:24:13 GMT Content-Type: text/html; charset=ISO-8859-1 Server: company Web Server Accept-Ranges: none Cache-Control: no-store, no-cache, private, max-age=0, s-maxage=0, must-revalidate, no-transform Pragma: no-cache X-Frame-Options: DENY
Username:
Password:
I have the following for parameters:
Form detections = /system/signonforms/emrRoundsLogin.htm?hcis=TROLL.LIVEF&device=Tablet&platform=Focus
password = %{session.sso.token.last.password} and make it secure (yes) userid = %{session.sso.token.last.username} and not secure
So basically i sign into my access policy and this is the sso configured and nothing happens. it just stops on hte page. is there a way to see or test the sso to find what is erroring out?
8 Replies
kunjan_118660Cumulonimbus
You can enable debug in the SSO general settings and verify /var/log/apm to check first if the form identification is working.
Rosieodonell_16so i am getting a -bash error saying i don't have permission. i tried adding tmsh /var/log/apm but i am getting the following error: Syntax error: unexpected argument "/var/log/apm/"
kunjanNimbostratus
You can enable debug in the SSO general settings and verify /var/log/apm to check first if the form identification is working.
- Rosieodonell_16so i am getting a -bash error saying i don't have permission. i tried adding tmsh /var/log/apm but i am getting the following error: Syntax error: unexpected argument "/var/log/apm/"
- kunjan
Sorry, what I meant is to check the debug logs in /var/log/apm file.
- Rosieodonell_16So i have been working on this and I think i have gotten farther. If the user types in: https://appliance.domain.com/Emr-EmrMobileWeb.HomePage.WR.mthr?hcis=TROLL.LIVEF&device=Tablet&platform=Focus i have a rewrite-uri profile that takes / and rewrites it to http://server.domain.com and the SSO works. but i need all traffic that hits the device to always come in with the URL: https://appliance.domain.com/Emr-EmrMobileWeb.HomePage.WR.mthr?hcis=TROLL.LIVEF&device=Tablet&platform=Focus Its weird because i tried adding a basic redirect that sends all traffic to that URL but it seems to break everything. Can you have redirects and rewrites on the same Virtual server or is there an iRule that can do this better for me?
- kunjan_118660
Sorry, what I meant is to check the debug logs in /var/log/apm file.
- Rosieodonell_16So i have been working on this and I think i have gotten farther. If the user types in: https://appliance.domain.com/Emr-EmrMobileWeb.HomePage.WR.mthr?hcis=TROLL.LIVEF&device=Tablet&platform=Focus i have a rewrite-uri profile that takes / and rewrites it to http://server.domain.com and the SSO works. but i need all traffic that hits the device to always come in with the URL: https://appliance.domain.com/Emr-EmrMobileWeb.HomePage.WR.mthr?hcis=TROLL.LIVEF&device=Tablet&platform=Focus Its weird because i tried adding a basic redirect that sends all traffic to that URL but it seems to break everything. Can you have redirects and rewrites on the same Virtual server or is there an iRule that can do this better for me?
