For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

James_Wright_02's avatar
James_Wright_02
Icon for Nimbostratus rankNimbostratus
May 01, 2014

Single sign-on to my IIS Web service

I'm trying to figure out single sign-on for what I thought would be a simple scenario. My F5 (Big-IP 5000, 11.4) is in front of my IIS web service. I want it to authenticate credentials with my radiu...
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
May 01, 2014

Okay, so a few additional questions for clarification:

 

Step 2: WebAPI responds with the SessionDetail XML, containing the SessionTokenID assigned to that user.

 

  1. Does this mean the session token is buried in an XML document?

     

  2. Are you attempting to abstract the user form the initial logon? Is the user no longer a web services client, or do you want to pass an alternate credential form, validate with RSA, and then transform to the required format, or will the web services client continue to communicate as if there's no proxy and you just need to validate the credentials in the URI against RSA before allowing it to pass?