web redirect for SSO

Question

I have a site that when you go direct to it, it avoids our SSO tool. I want to redirect from the main URL to the SSO url, but once it has been redirected the host needs to be the same.
Example:
https://pam.example.com/ can avoid SSO - needs to redirect
https://example.okta.com/home/blah/blah/blah
which then goes back to
https://pam.example.com/WebConsole/blah/blah
My rule redirects properly at first, but then grabs and redirects the URL after the SSO sign in again, causing a 404. How can I stop it the subsequent times?
Code:

when HTTP_REQUEST {
    if { [string tolower [HTTP::host]] equals "pam.example.com" and 
([HTTP::uri] equals "/")} {
        HTTP::redirect "https://example.okta.com/home/example/0oaiosmzv7n2Qipud0x7/alniossou1CNshx5S0x7[HTTP::uri]"
    }
}
&nbsp;

yann_desmarest · Answer

Hi,&nbsp;
Your Authentication System should not only redirect the user back to pam.example.com but also insert an trust or ID or something that we can validate on the Virtual Server. Otherwise, you get redirected to okta again. &nbsp;
Why not implementing SAML bindings between F5 and Okta ? By using APM module, it's easily done. &nbsp;
Regards&nbsp;
Yann &nbsp;

Forum Discussion

web redirect for SSO

Recent Discussions

F5-SDK Get GTM Pool Server, Virtual Server, Unused Objects, and JSON Conversion for Data Processing

F5 DNS Generic Host

How do I create a traffic log for two different route domains?

Http / https health monitor issue

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Web UI Tweaks

(HTTP) Redirection via Arbitrary Host Header

Community Learning Path: Web Application and API Protection (WAAP)

The sooner the better: Web App Scanning Without Internet Exposure

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS