For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

John_Reddington's avatar
John_Reddington
Icon for Nimbostratus rankNimbostratus
Jul 22, 2014

Seamless athentication to Webtop

Is it possible to authenticate to a webtop seamlessly using the AD credentials our users are already logged onto their machines with?   To qualify, we have a webtop, that when accessed, presents u...
BIG-IP Access Policy Manager (APM)
deployment
security
John_Reddington's avatar
John_Reddington
Icon for Nimbostratus rankNimbostratus
Jul 28, 2014

I think this is starting to make sense... Once I have done Kerberos on the client side of the APM and exposed my webtop objects, could I then do SAML (on the webtop objects that support it) on the server side... without needing to collect the users password?

 

noting the end result here I am trying to validate is that I have logged into my domain joined machine.. I fire up a browser and go to my webtop, it lets lets me straight in, because I have aleady logged into the domain. From there I am presented a link to an application that authenticates me using SAML (via an iDP linked to the same AD I logged into my workstation with).. when I click that link, again I should go straight in as it should recognise due to the credentials I have already logged into my machine with.

 

Related Content