Forum Discussion
Is SSO from LTM+APM VS to Webtop w/Advanced Resource Assignment possible?
Unfortunately APM always uses the same session cookie name.
And for IdP configuration, you must run the access policy from an SP auth request.
I can think of two solutions:
1- you can assign the SAML SP resource to your users webtop. Then users can start it be having them click a link, and IdP will work. You can catch an authentication request in an Irule and transform it into an assertion (just redirect the user to the same URI as the resource click from the full webtop) also this way.
2- use multidomain mode but exclude your IDP vip's hostname.
- NiffordSep 09, 2016Nimbostratus
Thanks for your response.
I just tried multidomain mode for the LTM+APM VS (NTLM AP). Unfortunately I still receive the same error message I was.
When looking at my browser cookies, I see two MRHSession and two LastMRHSession cookies. One set is for sharepoint.company.com, and the other is for company.com. But in the multidomain settings, company.com isn't used. The primary Auth URI is https://sso.company.com.
Any ideas why that would be happening?
Thanks.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com