Forum Discussion
tiwang
Nimbostratus
NimbostratusSSO for webserver
Hi out there
I need an idea how I can awoid my users in cheating me.
I have a SSO setup where I through a client initiated webform do a SSO login to a webserver. After this the APM j...
tiwangNimbostratus
Nimbostratushmm - been digging with fiddler and discovered that I of course am facing several problems - when I use the URI parameter in the SSO form and define a Cookie to identify a successfully login I get very sensitive to how the HTTP profile is defined - regarding chunking. If the Request chunking is defined as Preserve and Response chunking as selective the SSO form is working - mostly (need to dig deeper into that because from time to time I get a error with bad username etc)
I try to change my logon detection in the SSO form from Cookie to URI - the Cookie is first put after the user has done a selections. The URI which is presented by the webserver after a successfull logon is of this form:
fc50b556: SSOv2 Request "POST /script/selectCommunity.asp?f5-sso-form=Validform_test"
I tried to define the URI as /script/selectCommunity.asp but this isn't matched - I get a logon failed in the APM log:
fc50b556: SSOv2 Logon failed, config /dk_dmz/DK_ADPTEST_sso form Validform_test
Can you tell me what I ahve done wrong here?
best regards /ti
