Forum Discussion
SV2022
Cirrus
CirrusSSO
I am.beginner with APM I could see same access profile is mapped to 2 different VS. 1.my understanding is they have mapped same access profile to make sso work between virtual servers..is that righ...
Read this article for more clarification: https://my.f5.com/manage/s/article/K15387
Search for "Session cookie design"
Hi beginner 😉,
- Yes. Attaching the same APM policy to two virtual servers will result in SSO. So user is logged-in to VS 1 will result in SSO to the second.
- It doesn't validate credentials, F5 is using an APM session cookie for this. Since the user has this cookie and an active session the second virtual server doesn't need valid credentials.
There are 3 options for this when you create a new policy/profile.
From the Profile Scope list, retain the default value or select another.
-
- Profile: Gives a user access only to resources that are behind the same access profile. This is the default value.
- Virtual Server: Gives a user access only to resources that are behind the same virtual server.
- Global: Gives a user access to resources behind any access profile that has global scope.
Brambre29
Nimbostratus
NimbostratusHi,
I have another questions what if the application is outside of F5 is it possible to apply SSO with method like HTTP Basic, form-based and etc?