Forum Discussion
Alexander_01_13
Jan 10, 2014Nimbostratus
Yes, two different policies.
Would branching out based upon host header solve the sso problem? Still, a session cookie obtained logging on to ServerB would sso to ServerA, wouldn't it?
After a look at the session variables I found the following useful: In a two-factor authenticated session the variable
session.securid.last.state
has the value SECURID_AUTH_STATE_ACCESS_ACCEPTED
. So, in an iRule I have to check that this variable is set and if not I will redirect to the login form.
Good idea?
Regards, Alex
- Michael_Koyfma1Jan 12, 2014CirrusYes, that's certainly a good and easy approach - check for the existence and value of that variable.. However, if you have two different policies why would this matter? Each policy would execute separately, unless you are setting a domain cookie -is that what you're doing?