For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ingebrigt_Maurs's avatar
Ingebrigt_Maurs
Icon for Nimbostratus rankNimbostratus
Jun 17, 2016

How to control fields in SAMLRequest created by APM

Hi !

 

I implement a SAML2.0 Service Provider using HTTP Post binding with APM.

 

For an integration with an IDP, I need to control fields in The SAMLRequest created by APM.

 

The IDP supports multiple authentication mechanisms, and i need to control which one to use. The standard mechanism to do this is to set a value in a AuthContext (I suspect they relly mean a RequestedAuthnContext) element in the SAMLResponse.

 

Unfortunately, I cannot find a way to control the content of the SAMLResponse with APM. Is there a way? If not, how could I go about signaling to the IDP what authentication I want the User to use?

 

BIG-IP
BIG-IP Access Policy Manager (APM)
security

2 Replies

  • Ingebrigt_Maurs's avatar
    Ingebrigt_Maurs
    Icon for Nimbostratus rankNimbostratus
    Jun 20, 2016

    I currently use 12.0.0. I see the same options as in your screenshot, but I'm not able to control the fields my IDP integration partner wants me to set. Here is an example of the how they want me to add KEY/VALUE pairs to the

    :

        
    https://example.com
    
    
        VALUE

    I cannot find any way to configure use of the

    element they want me to add. I would need to control the content of the element too, including populating 'VALUE' independently for each user session.

    • samdlee_305622's avatar
      samdlee_305622
      Icon for Nimbostratus rankNimbostratus
      Sep 21, 2017

      Hi Ingebrigt,

       

      We are facing the same issue. It will be appreciated if you could share your experiences on how this issue was solved finally.