cancel
Showing results for 
Search instead for 
Did you mean: 

F5 APM SAML SSO

Intothecloud
Altocumulus
Altocumulus

I have one query as follows - I have webtop where user are getting authenticating using saml then we are giving login page - variable assign and outlook resource this is working perfectly fine when user clicks on outlook resource it redirects to outlook and doesnt ask any username or password

Webvpn.com > SAML ( Azure Auth) > APM Login page > variable assign mapping > sso > adv resource assignment

==========================================

Now customer want to eliminate second login page from the F5 , as per requirement once user authenticated via azure saml it needs to be directly present resources such as outlook and once user clicks on the outlook resouce it should not ask username and password now question is how we can use sso in this scenario as there is no option for the password attribute from saml

2 REPLIES 2

Juergen_Mang
Cirrus
Cirrus

You can avoid the second login page if the backend also supports saml, other way is to implement Kerberos SSO: https://support.f5.com/csp/article/K17976428

Kerberos SSO works fine between F5 and Exchange.

The SAML configuration for the In-Line SAML SSO architecture is easy to configure. On one hand, we have to configure the SAML SP Service and the SAML IdP Connector. Binding the SAML SP Service to the IdP Connector. On the other hand, we have to configure the SAML IdP Service and the SAML SP Connector. Binding the SAML IdP Service to the SP Connector. In addition, the SAML IdP Service configuration will be used as SSO configuration for the second SAML traffic flow.  OneCognizant Cognizant Login