Forum Discussion
gogreen
Nimbostratus
NimbostratusDecode SAML Response from IDP Server
Here is the traffic Flow : SP<===========>F5(VS/Pool)<=============>IDP Server(s) In this, SP see F5 as IDP ( F5 is acting as a proxy in front of IDP servers), Using irules, how can I ext...
Hello Gogreen.
F5 has native iRules (v14.1+) to manage SAML assertion when it works as SP or IDP.
- ACCESS_SAML_AUTHN – authentication request
- ACCESS_SAML_ASSERTION – assertion
- ACCESS_SAML_SLO_REQ – single logout request
- ACCESS_SAML_SLO_RESP – single logout response
In your case (being a proxy) and assuming that your are offloading traffic (SSL Bridging), your only chance is to manage that communication as a regular HTTP connection with headers and payload, where SAML assertion will be located in the payload section (coded in base64).
Regards,
Dario.
