For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Stefan_Klotz_85's avatar
Stefan_Klotz_85
Icon for Cirrus rankCirrus
Sep 04, 2015

SSO with different subdomain and APM 10.2.4

We are running an APM on 10.2.4 and an upgrade to version 11 is not an option right now. We configured it for OWA and this working fine. Now we want to extend the OWA functionality with the Enterpris...
BIG-IP Access Policy Manager (APM)
deployment
security
Stefan_Klotz's avatar
Stefan_Klotz
Icon for Cumulonimbus rankCumulonimbus
Sep 11, 2015

Hi Stanislas,

 

I entered "company.com" in the Domain Cookie field of the APM policy and this works perfectly fine. The MRHSession- and LastMRH_Session-cookie are now stored only with company.com.

 

But for the EV-plugin I'm still getting a 401. Interesting when verified with FF "Live HTTP headers" add-on I see two requests towards the ev DNS-name, the first one is answered with a 200 OK, but the second with a 401 (WWW-Authenticate: NTLM). I'm currently checking with application team, as I'm not sure if this is still a LB issue or somehow related to the application.

 

Thank you so far!

 

Ciao Stefan :)