Single Sign On with LDAP authentication

Question

Hii...we have a web application on which we use LDAP authentication..we want big ip traffic to be authenticated by LDAP..which i guess can be done by auth modules...but the main catch is once the user gets authenticated..he should have all the access on the page...i.e big ip should operate as a single sign on...searched a lot for this..can this be done using big ip...guess we have to hold the data in cookies...

colin_walker_12 · Answer

This is certainly do-able, depending on how your back-end systems are checking for auth information.  The BIG-IP can, indeed, authenticate against the LDAP systems you currently have.  It's then just a matter of determining how that data needs to be stored in the user's session to ensure the back-end web-servers know they're already authenticated.&nbsp;
&nbsp;If your systems are looking for a cookie, that's something that's easy to insert via the BIG-IP, once a user is successfully authed in. All you would need is the HTTP::cookie insert command, once you've verified a user's credentials. You could then insert a cookie with the name/data you need at the back-end to prove the user is authenticated.&nbsp;
&nbsp;The documentation on this command is in the wiki here: Click here&nbsp;
&nbsp;Hope this helps,
&nbsp;Colin

Forum Discussion

Single Sign On with LDAP authentication

Recent Discussions

How to export a list of paired external service providers from APM?

How to Renew F5 Device Certificate

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Statistics ›› Analytics : HTTP : Overview

Related Content

APM Cookbook: Single Sign On (SSO) using Kerberos

Zero Trust building blocks - Leverage F5 NGINX Plus Single Sign-On (SSO) and F5 XC

Digest based Single-Sign-On

Apache mod_auth_tkt Single Sign On

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS