06-Jul-2022 09:48
I have one query as follows: I have a webtop where users are authenticated using SAML, then we present a login page, variable assign and an Outlook resource. This is working perfectly fine: when the user clicks on the Outlook resource, it redirects to Outlook and doesn't ask for any username or password.
Webvpn.com > SAML (Azure Auth) > APM Login page > variable assign mapping > SSO > adv resource assignment
==========================================
Now the customer wants to eliminate the second login page from the F5. As per the requirement, once the user is authenticated via Azure SAML, resources such as Outlook need to be presented directly, and once the user clicks on the Outlook resource it should not ask for a username and password. The question is how we can use SSO in this scenario, as there is no option for the password attribute from SAML.
06-Jul-2022 23:42
You can avoid the second login page if the backend also supports SAML; the other way is to implement Kerberos SSO: https://support.f5.com/csp/article/K17976428
Kerberos SSO works fine between F5 and Exchange.
11-Jul-2022 04:53 - edited 11-Jul-2022 20:42
The SAML configuration for the In-Line SAML SSO architecture is easy to configure. On one hand, we have to configure the SAML SP Service and the SAML IdP Connector, binding the SAML SP Service to the IdP Connector. On the other hand, we have to configure the SAML IdP Service and the SAML SP Connector, binding the SAML IdP Service to the SP Connector. In addition, the SAML IdP Service configuration will be used as the SSO configuration for the second SAML traffic flow.