For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

gogreen's avatar
gogreen
Icon for Nimbostratus rankNimbostratus
Nov 16, 2020
Solved

Decode SAML Response from IDP Server

Here is the traffic Flow :   SP<===========>F5(VS/Pool)<=============>IDP Server(s)   In this, SP see F5 as IDP ( F5 is acting as a proxy in front of IDP servers), Using irules, how can I ext...
application delivery
BIG-IP
irule
iRules
LTM
security
  • Dario_Garrido's avatar
    Dario_Garrido
    Nov 18, 2020

    Hello Gogreen.

     

    F5 has native iRules (v14.1+) to manage SAML assertion when it works as SP or IDP.

    • ACCESS_SAML_AUTHN – authentication request
    • ACCESS_SAML_ASSERTION – assertion
    • ACCESS_SAML_SLO_REQ – single logout request
    • ACCESS_SAML_SLO_RESP – single logout response

     

    In your case (being a proxy) and assuming that your are offloading traffic (SSL Bridging), your only chance is to manage that communication as a regular HTTP connection with headers and payload, where SAML assertion will be located in the payload section (coded in base64).

     

    Regards,

    Dario.

Norris's avatar
Norris
Icon for Nimbostratus rankNimbostratus
Nov 23, 2020

Thanks for the information

boneyard's avatar
boneyard
Icon for MVP rankMVP
Nov 23, 2020

please flag the question as answered if it was, it helps other recognize the status.