Forum Discussion
s_evissa_186607
Nimbostratus
NimbostratusSSO Type based on URI
Hi,
Wonder if someone could point me in the right direction.
Users login with AD credentials and SSO is working fine with client initiated form to a website, but part of that site as a link to another site that requires NTLM. Whats the best way to get NTLM to work with the link
Thanks
6 Replies
Michael_JenkinsCirrostratus
You can assign an sso profile in an iRule based on the URI if you want. Check out the WEBSSO wiki page.
You should be able to use the WEBSSO::select function to set a different SSO profile. NOTE: I don't think that the example is accurate though. I've always had to format the command like this
WEBSSO::select [set foo "/Common/SSO_PROFILE"]
s_evissa_186607Thanks for for response, So all I would need to do is select my NTLM SSO Profile based on a match of URI string along a NTLM machine account ?
- Michael_JenkinsYea, you could just select one of the ntlm profiles and it should work.
- s_evissa_186607Than you, Sorry for dumb question, but what is the flow of traffic after user has authenticated with AD via APM and and the website requires NTLM auth.
- Michael_JenkinsAfter the user logs into the APM, and you set an SSO profile for NTLM to the backend website, when the user accesses the site, and it responds with a 401, the APM will intercept that response and perform the negotiation itself.
