F5 BIG-IP password is hashed during Form based Client Initiated SSO

Question

Hi, I'm having trouble setting up a seemingly simple SSO configuration for a portal. I have an initial logon page with AD authentication and an SSO credential mapping block to expose the user credentials in the session variables session.sso.token.last.username and session.sso.token.last.password. The problem is that when the password is injected into the app's login page, it is hashed (example: $CK$$XVGtyxu5Eni4DyNzJlVz1+UK/7NIy+00). I've also tried enabling the "secure" option in the form's configuration, but when it is enabled, the only password the app receives is "f5-sso-token". I will attach a screenshot below with the APM configuration. Thanks in advance.

zamroni777 · Accepted Answer

have you used "mcget -secure" to read the decrypted password?https://my.f5.com/manage/s/article/K07645403

Forum Discussion

F5 BIG-IP password is hashed during Form based Client Initiated SSO

Recent Discussions

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

SSL bridging without SSL proxy forward

Should config via cli rather than gui?

Related Content

Workshop: Deploy BIG-IP Cloud through Automation

Automating Packet Captures on BIG-IP

Arabic Blackboard F5 series [what is Big-IP]

Re: Mitigating OWASP API Security risks using BIG-IP

Scaling BIG-IP With ECMP and RedHat Ansible

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS