For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nicolas_Martin-'s avatar
Nicolas_Martin-
Icon for Cirrus rankCirrus
May 26, 2021

Hi!

Depending on what you need to achieve you may :

-Configure APM to authenticate user using your ADFS SAML IDP. On user side nothing change compare to how it's working now : They browse https://mysite.example.com => APM redirect to  myadfs.example.com => User login and get redirect to https://mysite.example.com => APM authenticate user and pass traffic to backend => backend redirect on more time to myadfs.example.com but as the user is already logged-in ADFS no action is required and the user automatically get redirect back to the backend. (In this case the SSO is built-in SAML : you authenticate once in ADFS and this authent is passed to APM and backend)

 

-Option2 is to configure your backend server to allows kerberos / header authentication. Then configure an SSO profile on APM to pass the user authentication to backend with kerberos / NTLM

 

Other option can also work but are more complex and may consume more concurrent session licence on APM.

 

Regards,