Forum Discussion
blwavg_10621
Nimbostratus
NimbostratusSAML SSO Without a Webtop
The F5 is the SAML IDP for an external cloud based service. I am working on setting up and testing this on a webtop. Is it possible to not have to use a webtop? For example, setup an internal DNS rec...
Michael_Koyfma1
Cirrus
CirrusIt is definitely possible, but you'd need to use an iRule for that.
when ACCESS_POLICY_COMPLETED {
log local0. "Policy Completed"
switch -glob [ACCESS::session data get session.server.network.name] {
"bobscloud.company.comp"
{
ACCESS::respond 302 Location "/saml/idp/res?id=/Common/bobscloud.com"
}
}
}
The value you put in the ACCESS::respond should match the name of your SAML resource that is placed on the webtop - I named it bobscloud.com for you. Essentially, you're forcing a user to automatically hit the webtop-based IDP-initiated connection without seeing the webtop.
AP_129594Nimbostratus
NimbostratusDo you add this as an iRules Event on the visual editor or iRules under VIP?
