mnb_63148
Jun 09, 2015

Credentials are not passed with APM and Single Sign-on

I created an access policy that authenticates via LDAP for Exchange. I am able to get past the APM login page, but my credentials are not passed to OWA. After passing authentication via APM, I get the OWA login page instead of an automatic login to OWA.

I have the following setup:

SSO Configurations -> Client-Initiated

I created a form with the following parameters:

Form Parameters:

password %{session.sso.token.last.password}
username %{session.sso.token.last.username}

Form Detection (Request URI):

/owa/auth/logon.aspx?replaceCurrent=1&url=
/owa/auth/logon.aspx?url=

Logon Detection (Cookie Name): sessionid

Advanced Settings: Javascript Injection: clkLgn()

The SSO form is applied to the access policy.

Thanks.

4 Replies

  • I am receiving the following error in the APM log, "Could not find SSO username, check SSO credential mapping agent setting." Also, when I click the "View Session Variables" link in the APM report, it is blank.
  • you didn't make any modifications in any of the fields, for example use different variables for your logon?

    you are sure the correct policy is used and it is updated?

  • just shooting from the hip here, you could try an LDAP lookup after the LDAP auth.

  • Can you add a logging box at the end of the policy to log

    • session.sso.token.last.username
    • session.logon.last.username

    and validate sso username variable is provisioned