Forum Discussion

Nimbostratus

Jun 07, 2013

SSO for webserver

Hi out there I need an idea how I can awoid my users in cheating me. I have a SSO setup where I through a client initiated webform do a SSO login to a webserver. After this the APM j...

config

design

Kevin_Stewart

Employee

Jun 07, 2013

Okay, so you have two sets of users: external and internal. To prohibit internal users from going directly to the server, you would need to 1) force internal DNS to point to the APM VIP, 2) enable SNAT, and 3) set IP filters on the servers so that no HTTP traffic could get to it unless it came from the BIG-IP (self-IP).

For external users, and internal users forced through APM, you would need to create an SSO profile that takes the credentials from the APM logon page and posts them to the server's logon page.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSO for webserver

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Simplifying OIDC and SSO with the New NGINX Plus R34 OIDC Module

Enhanced Modern Applications and MicroServices SSO with NGINX

LTM Monitoring IIS and Webserver Binding

Proxy pacfile hosting without need for Webservers using iFiles on v11

Go in Plain English: Creating your First WebServer

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS