APM Portal Links SSO with Azure AD
Hi, We have an APM portal using AD authentication. We recently transitioned to using Azure AD MFA to log into it. This was done by following the solution to integrate APM with Azure AD using the bigIP as a SAML SP and works without issue. However, after logging into the portal and clicking on any of the links for the the various apps (which are also Azure AD integrated) the user must go through the login process with Azure AD all over again which is anyoing. Is there a way to somehow use the original SAML authentication from loging into the portal to seemlessly be logged into the various apps? Interestingly, once the user clicks on subsequent apps after the second login, they are logged in automatically so I believe it's able to use the session tokens stored in the browser for subsequent logins after the second login (but not after the initial log in to the portal).
Delete a cookie every time a user logins to portal page
I currently have a portal for webmail. When the user logs out of webmail or doesn't close the browser and another user logs into the portal, they are presented with the mailbox of the last user. I am looking for an irule that deletes all cookies at the portal page to prevent another user from getting the last persons information. I am hoping this is the issue rather a persistence connection issue.
Security considerations for APM portal access
Security considerations for APM portal access We are publishing an application through APM with a portal access for the first time. With no ASM in front, are there any security aspects we should consider for the actual "portal delivery"? We can't do much about the application being published, but perhaps there are settings we should adjust that's not set out of the box for a portal app? We've already set ACLs as described in theese posts https://devcentral.f5.com/questions/portal-access-security-problem-manipulation-with-hex-string-in-url-mangle-allows-access-to-any-internal-website-how-to-restrict https://devcentral.f5.com/articles/apm-security-protecting-internal-resources-using-acls Is there anything else we should set as a best practice? Any advice appreciated! Thanks /Andreas