How do i determine SSO method

Question

Dears,&nbsp;
I am configuring SSO for one of the application and i am still not sure to use which Method. I have tried all the methods one after the other but it fails.&nbsp;
Is there any way to determine which method will work for the application.&nbsp;
Thanks in Advance.  &nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
you can use curl from F5 command line:&nbsp;
curl -i http://www.company.com/&nbsp;
if the code is 301 or 302, it is a redirect: follow the Location link
If the code returned is 401, the method can be Basic, NTLM or Kerberos, you must look at the WWW-Authenticate header
Basic --&gt; basicNTLM --&gt; NTLMnégociante --&gt; Kerberos
If the authentication page is a form, the method can be forms or forms-client-initiated.

ibrahim_kadiri · Answer

hi stan,&nbsp;
where do i check the information.&nbsp;
i have run the command and got the below output.&nbsp;

stanislas_piro2 · Answer

Please do not post customer information in this forum..
the method is Forms&nbsp;
to find Forms parameters to configure, I use Firefox firebug, try to authenticate with aaa login and bbb password, and search in the POST data informations.&nbsp;
in you page, &nbsp;
Start URI is /newEmsg/Pages/Login.aspxForm action is /newEmsg/Pages/Login.aspxForm parameter for Username is ctl00%24cphBody%24Login1%24txtLoginNameForm parameter for Password is ctl00%24cphBody%24Login1%24txtPassword
All other POST data must be added to Hidden form parameters with:&nbsp;
One parameter per line, followed by the value (separator is space)&nbsp;
to get them, you must split POST data with separator &amp; and replace = by space.&nbsp;
Some applications add dynamic parameters values to block CSRF attacks. this protection will disallow SSO.&nbsp;

ibrahim_kadiri · Answer

Dear stan,&nbsp;
i an geeting the below logs after enabling debug for sso,&nbsp;
2015-10-06 14:30:58
checking start uri match, start uri: '/newEmsg/Pages/Login.aspx', request: '/newEmsg/Pages/Login.aspx'
2015-10-06 14:30:58
Websso form-based authentication for user 'abc' using config '/Common/E-messaging_Form-SSo'
2015-10-06 14:31:03
metadata len 1130
2015-10-06 14:31:03
checking start uri match, start uri: '/newEmsg/Pages/Login.aspx', request: '/newEmsg/Pages/Login.aspx'
2015-10-06 14:31:03
Websso form-based authentication for user 'abc' using config '/Common/E-messaging_Form-SSo'
2015-10-06 14:31:03
metadata len 329.&nbsp;
And on the browser i am getting an error "This webpage has a redirect loop"&nbsp;
Thanks for your support.&nbsp;

ibrahim_kadiri · Answer

Dear Stan,&nbsp;
I have noticed one thing in the parameter that one of the parameter value keeps on changing. Would be the reason for SSO not working? &nbsp;
_VIEWSTATE (Keeps changing)&nbsp;

Forum Discussion

How do i determine SSO method

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Load balancing method specific decision

HTTP method conversion

Using BIG-IQ to Determine Differences Between Advanced WAF Policies

TLS Fingerprinting - a method for identifying a TLS client without decrypting

Difference between Ratio and Ratio Least Connection Load Balancing Method

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS