cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

SSO for Portal Access resource item

Abed_AL-R
Cirrostratus
Cirrostratus

Hi

 

I was hoping someone could help me with creating SSO for web application published through F5 APM

 

I got SSO working for RDP sessions and there was not problem to got it woking. But for the web application I'm not sure about some settings..

 

The web application is configured in the Portal Access

And I configured Single-Sign-On Forum Based. For Credentials Source I set the following:

 

session.ldap.last.attr.userPrincipalName

session.logon.last.password

(This what is configured for RDP SSO , and there it is working fine.)

 

For this forum SSO I used:

session.logon.last.username

session.logon.last.password

 

Anyway, for the start URI not sure what to put there, neither for the Form Action

 

When the user is logged into the F5 APM, he click on the portal access application link, and then he got the application webpage:

https://myapm.mydomain.com/f5-w-687474703a2f2f3137322e32312e31322e32$$/mclient/

then automatically to the login page:

https://myapm.mydomain.com/f5-w-687474703a2f2f3137322e32312e31322e32$$/mclient/#/login

 

How should I treat the: /f5-w-<hex encoded scheme>$$/path ?

 

Should I use wildcard for this situation? linke this for example:

*/mclient/#/login

 

For the forum action (POST action) it is also using the /f5-w-<hex encoded scheme>$$/path ....

 

Any advise?

Thanks

1 REPLY 1

PeteWhite
F5 Employee
F5 Employee

BIG-IP will decode the hex-encoded scheme so just forget about that and deal with the non-encoded URI ie the start page could be /mclient/ and the form action might be /mclient/#/login ( assuming it actually is - worth checking the actual form that is presented )