Forum Discussion
Share session multiple VPE
Hi,
One first option would be with experimenting with the "Profile Scope", and to pay attention to any negative side effects, especially if we also have VPE3, VPE4 and so on. Do you mind me asking "why having/keeping 2 separate VPE?" Some kind of legacy? Do they both authenticate users within the same domain/realm (I mean: if user1 is authenticated to VPE1/domain1, does that mean we have some kind of "trust" with VPE2/domain2"? I mean: user1 is authenticated to VPE1/domain1: does that mean SSO2 should be using username/credentials from domain1 to connect to app from domain2) Should this apply to all users? Do the FQDNs for VIP1 and VIP2 belong to the same domain? (sorry for the burst of questions, here;))
- ruancarlossNov 19, 2022Nimbostratus
both vpe authenticate to same AD, with same fqdn.
the reason for having two vpe is to keep oauth policies (oauth_profile) separate from the others.
I had already configured the profile scope as global, but apparently it doesn't work as expected. when calling applications from another vpe it requires login.
That's exactly the idea... Users authenticated in vpe1 somehow perform auth/SSO when calling applications from vpe2, that is, without calling a new authentication.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com