Rusty_M_140798
Sep 23, 2016Nimbostratus
Using SAML for login vs F5 Login Page, but need the password for SSO profiles
I have a scenario where we are using SAML as our first point vs a F5 login page, see APM policy below.
The way this works is the user is re-directed to our SAML provider for authentication and if successful, allowed to pass along. The SAML Auth uses an AAA server which is a SP/IdP setup on the F5.
The issue I have is I am not able to use SSO profiles to auto login to apps hosted via the webtop because I do not have a password variable. (I am able to get domain and user)
This maybe a question for the SAML provider, but I am curious if there is a way to capture the password back from the SAML provider?
I understand this defeats the purpose of SAML in this case as the hole idea is not to send passwords but tokens.