Forum Discussion
Micah_Haarbrink
Jan 10, 2014Nimbostratus
SAML Cookie Persistence after browser/system restart and across service providers
I am fairly new to the F5 world and in the beginning of setting up our LTM's as SAML IdP's for a variety of services. Our first use-case is Jive, which we have working and all the attributes are pul...
Michael_Koyfman
Jan 10, 2014Cirrocumulus
I assume you are actually talking about leveraging F5 Access Policy Manager(APM) for this. If so, the cookie behavior is controlled under SSO/Auth Domains tab of the access policy. Check the Persistent checkbox, and it will be persistent across browser restarts.
- Micah_HaarbrinkJan 10, 2014NimbostratusHey Michael, Thanks for the response. I am indeed using APM. I did check that box and applied the policy but it didn't seem to have the intended effect. I was testing on a Mac (Safari and Chrome) and Windows 7 (Chrome and IE 9). I cleared cache and cookies on all browsers, logged in successfully, closed the browser and opened them again (definitely didn't clear cookies in that restart) and when I hit my web service it tosses me back to the F5 SSO logon again. Results were consistent across all browsers. I asked an F5 contact we have and he mentioned the same thing about the checkbox but thought maybe we were missing a step being in a newer version. We're running 11.4.1 HF2 but I haven't seen anything in the hotfix notes that might explain it. Should I expect to see a new cookie in the temp internet files directory to reflect the fact that I'm using a persistent cookie? I did keep an eye on that temp files directory and didn't see any cookie for "auth.mydomain.com" which I was kind of expecting as well.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects