Forum Discussion
NimbostratusLTP+APM SSO
Hi,
I want to reach an internal Web application via F5. I configured an LTM-APM access profile and under the visual police editor, I have configured a rule where I make a first check based on the hostname. If the hostname is "applicationA.mycompany.com", so I assign a static pool for applicationA servers (without webptop or portal access) and if the hostname is "applicationB.mycompany.com", I assign a the static pool with applicationB servers in this pool.
Currently, this is working, I can reach theses applications from Internet via the F5. But I want to configure an SSO for these applications.
My question is: how I can configure an SSO and attach an SSO profile for these different pools ?
BR Jerome
iaineNacreous
Have you looked at WEBSSO::select - you could select the appropriate SSO profile based on some preceding logic in an iRule
Something like
when HTTP_REQUEST { if { [HTTP::host] equals "applicationA.mycompany.com"} { WEBSSO::select } }- iaine
You could either configure your APM policy to look for the application logout URI in the properties of the policy. Or, if you want more flexibility, you could add some logic to your iRule to kill off the session using ACCESS::session remove
So something like...
when HTTP_REQUEST { if { [HTTP::uri] equals "/logout"} { ACCESS::session remove TCP::close } } 
Stanislas_Piro2Cumulonimbus
Hi,
Don't assign pool in VPE but in irule.
If you assign pool in VPE and want to share the same session between urls, the host name reached to start the session force the pool for all next urls.