APM Cookbook: AutoLaunch SAML Resources
Introduction
After the SAML labs at Agility I got a lot of questions about how to automatically launch SAML resources and skip the webtop, and I promised I'd write it up for you. If you haven't be...
Published Aug 10, 2016
Version 1.0
Graham_Alderso1
Employee
EmployeeGraham_Alderso1Employee
Employee
JoeTheFifth
Altostratus
AltostratusI haven't done much research about this yet but here is what I will be looking into: Use APM as SP and IDP => replace ADFS/WAP Proxy. so configure an sp and and idp on the same bigip and bind them. create two policies (sp policy and idp policy); have two web apps webapp1.domain.com and webapp2.domain.com directed to the sp VS. no webtops no ressources. user puts webapp1.domain.com in his browser and hits the sp vs . sp vs redirects the to idp vs to do ldap auth. idp vs redirectes to the sp vs (webapp2.domain.com) with saml assertion. sp vs policy gets the username drom the saml assertion and does kerberos sso to webapp2.domain.com.
Is this possible with APM version 12 ?
I have already used APM as IDP with adfs and web application proxy to do kcd auth. but I want to get rid of adfs and webapplication proxy.
Thanks.