GTM and SSO

I have a question regarding writing irules on GTM to facilitate a SSO requirement:

 

User

 

!

 

GTM

 

!

 

----------------------------------------------

 

! !

 

LTM 1 LTM2

 

! !

 

AM1 AM2

 

! !

 

Portal 1 Portal2

 

 

(West) (East)

 

 

The scenario:

 

 

The user first clicks on a application on portal 1(West) and then tries to connect to an application on portal 2 (East).

 

Question: Can GTM facilitate the single sign on requirement so that the user does not have to log in again on portal 2?

 

 

The process:

 

 

1) The user clicks on a application on portal 1. Access Manager Policy agent intercepts and returns a GTM return URL for client authentication.

 

 

2) GTM will return the appropriate LTM hostname that the client will connect based on a policy - in this case - The West LTM ( LTM1). Once GTM resolves the requested name, it is out of picture and no traffic will be redirected to GTM.

 

 

Question: Can the GTM achieve session stickiness here via irule/cookie? The requirement here is should any more request come to GTM via policy agent , GTM would forward the request to LTM1 for this session.

 

 

3) User connects to LTM1 for Authentication. Session stickiness (cookie) is set for given AM server . The user logs in.

 

 

4) User clicks a link to a application on portal 2 - SSO

 

 

Policy agents on portal 2 intercepts and ask GTM about the clients AM session.

 

 

Question: Can the GTM achieve session stickiness to the initial session? ( i.e GTM would forward the request to LTM1 )