Forum Discussion

Nimbostratus

Oct 17, 2013

URL link inside pushlished application not working

We have a custom published application in the APM using SAML as an authentication method: application.company.com. The custom application is the Service provider. We have also setup the APM as the Id...

BIG-IP Access Policy Manager (APM)

deployment

security

forsan

Altostratus

Oct 08, 2019

Hi ,

I have the same issue with my integration that I'm working on now.

1) First request goes to app1.domain.com (bogus fqdn) that runs an SP, redirected to idpX.

2) Login with username/password at idpX and gets redirected to app1 SP.

3) APM SP Accept the token and send the request to the application.

4) The application is configured with another idp. Redirect is sent to that url sso.domain.com.

5) Browser send a new request to sso.domain.com that is behind another VS with SP to idpX.

6) Request is redirected to /my.policy, at this point that request is canseled.

If I copy the link to sso.domain.com and open it in a new tab, the policy is successful. The idpX see that I have done a valid authentication already and allow my request.

The difference between the requests as I see it, the original redirect contains "Request header Origin and Referer to app1.domain.com.

Any thought about this?

Andréas

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)