Sharing APM Session data with Application Server

Question

Hi guys, I am just wondering what's the best practices in  terms of sharing APM session data/variables, such as username, attributes from SAML Assertion with the backend application server after successful authentication? For the time being, we sende those info to backend application server as customized HTTP Request Headers, IMO, it is not a good way to do it. Can someone share your valuable experiences with me?&nbsp;
Another scenario is as following: How could multiple backend applications could exchange info/data in between them when user "switches" from App1 to App2 seamlessly thanks to SSO?&nbsp;
Thanks in advance!&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
What variables do you want to share. The most secure solution when user authenticates with SAML is to not "share" variables but enable kerberos SSO.&nbsp;

Forum Discussion

Sharing APM Session data with Application Server

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

Share Your Expertise at F5 AppWorld 2025! CFP is now open.

DevCentral 2024 - Share Another Day

Knowledge sharing: High CPU/Memory/Swap investigation/troubleshooting

VIPTest: Rapid Application Testing for F5 Environments

Knowledge sharing: F5 Software Upgrade/RMA process

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS