For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

sbu1's avatar
sbu1
Icon for Nimbostratus rankNimbostratus
Jan 27, 2014

SSO in HTTPS Portal Access Resource Items

Hi   I made a small FormBased SSO Configuration (URI Triggert) for a Website, which i'm publishing trough a PortalAccess on my Webtop. If i assign the SSO-Configuration to the AccessProfile, the S...
BIG-IP Access Policy Manager (APM)
portal access
security
SSO
webtop
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jan 27, 2014

The best approach, in my opinion, is to point the portal resource at an internal virtual server with a simple access policy (start-allow) and SSO profile, the last thing you tried. The trick is that you have to set the internal SSO profile's session variables in the external access policy. So for example, if you were doing a form-based SSO on one internal policy (which might session.logon.last.username and session.logon.last.domain session variables), and Kerberos SSO on another (which would require session.logon.last.username and session.logon.last.domain), then you would need to set all of those session variables in the external access policy.