SSO configuration for a webtop with a portal access with a cookie

Hello all, i have really been trying to figure out why i cant pass my login creds to a simple Intranet web server. I have APM configured with a webtop. within that webtop i have portal access to one of my intranet servers. I have tried many things to get this to work and im stuck. I created an SSO forms added in the username source as session.sso.token.last.username, and the password as session.sso.token.last.password. the form parameters uses username and password. I have applied this to the Access policy under SSO/Auth Domains. When i sign into the webtop and click on the app link it passes my username but never my password and making the connection. We had this working with TMG as just passing the session Cookie and everything worked fine. I have also tried to create a profile persistent cookie and apply it to the virtual server that is assigned to my webtop.

 

"My web developer said: What TMG did was insert a cookie with the username and a timestamp encoded. Then our authentication proc checked for a valid timestamp and that the requesting host was the TMG. If true. we log them in automatically. If not, they get the login screen.

 

What I need is something from the F5 that tells me what user it is in a way that can't be spoofed. If the F5 always sets the cookie, overriding any that the client might have supplied, it prevents spoofing."

 

And my time is correct between both the F5 and the webserver.

 

So if anyone out there may know how to make this work that would be great. I'm not an expert so please don't use vague terms on what to check