For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

ADFS iApp branch with support for existing APM Access Policy

Problem this snippet solves:

ADFS iApp currently only allows you to create a new Access Policy. This branch allows you to use an existing Access Policy.

Attention: Michael Shimkus, please merge these (rather minor) changes into the official F5 release.

Note, I didn't know what the "/Common/rba" profile was for, so my code doesn't include it when adding an existing Access Policy. Please correct this if it's needed.

How to use this snippet:

Added:

  • Third APM option to the apm.use_apm, "existing"

  • Two new APM section options: apm.access_policy, apm.sso

Modified:

  • Changed all apm.use_apm == "yes" logic to apm.use_apm != "no"

  • Modified configure_apm proc to handle apm.use_apm == "existing"

Code :

https://cloudstor.aarnet.edu.au/plus/index.php/s/IlDs968uLrCKbCS

Tested this on version:

11.3
Published Dec 16, 2015
Version 1.0
application delivery
BIG-IP Access Policy Manager (APM)

1 Comment

  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    Dec 17, 2015
    Hi Sam, thanks for the input. We already have that on our list of new features for the AD FS iApp, although I don't have an ETA for you right now. Mike