Forum Discussion

Dmytro_Levytsky's avatar
Dmytro_Levytsky
Icon for Nimbostratus rankNimbostratus
Dec 14, 2011

Switch between session with different SSO

Hello. Can anybody help me with my dilemma :). I have two virtual server (VS1 and VS2) and two different web SSO (WEBSSO1 and WEBSSO2) for each of them. Also I have a third virtual server VS3 with irule:

 

 

when HTTP_REQUEST {

 

if { [HTTP::uri] equals "Link1.net" } {

 

virtual VS1

 

} elseif {[HTTP::uri] equals "Link2.net"} {

 

virtual VS2

 

}

 

}

 

 

When I make connection to Link1.net over VS3 all is OK. Close connection. Make connection to Link2.net over VS3 all is OK.

 

 

But when I am trying switch from Link2.com to Link1.com or Link1.com to Link2.com during one connection SSO isn't switched. That's why my auth to another resource always is failed.

 

 

So my question: Is it possible to switch and force SSOs between VSs during same connection? If yes - how?

 

 

Thx

 

2 Replies

  • Is there a reason that you're using separate virtuals for this? You could potentially call WEBSSO::select to select the correct SSO by URI.

     

     

    http://devcentral.f5.com/wiki/iRules.websso.ashx

     

     

    Aaron
  • Thanks for your reply but I have tried it before. Result was the same :(

     

    I need some decision that can force SSO if link is changed during same connection.

     

     

    My access policy for VS3 looks like:

     

     

     

    | Start | --> | Logon Page | --> | | --> | SSO Credential Mapping | --> |Allow|

     

    | HTTP Auth |

     

    | | ----------------------------------------------> |Deny|