Hi F5 experts, New to F5 APM and need help in regards to below situation. We have websphere (Supports spnego/kerberos) & ms sharepoint (ntlm) on the back end and ios/safari client on the front. F5 APM is in between. When ios device with safari connects to ssl vpn (deployed on APM) it then can use the webapp on IIS transparently (no requirement to enter user/pass). However, it can't use webapp on websphere (I think this is because ios/safari doesn't like spnego) and workaround now is to let the user fill the username & password form. Is there any good way to let safari users to use websphere webapp without entering username/password? May be I can enable APM to talk to the websphere and use Kerberos and allow end user to use webapp without entering credentials? Thank you in advance.
Ipad IOS client (connected to SSL VPN) <---> APM <---> LTM <---> Websphere server
At the moment APM is not authenticating a client (no access policy applied to Vserver)
Client doesn't support spnego so only way to connect is to use login form. However same client can access sharepoint server in the same environment using NTLM. Is there any way in this scenario to allow client to connect to websphere backend without entering username / password? Would it be possible to enable authentication on APM and extract somehow client credentials and pass them to the back end? Any other options?