I've just run into the same issue with APM+SSO and it's due to CSP (Content Security Policy). The application is sending a header that specifies where different things are allowed to be loaded from, like scripts, style sheets, fonts, and images). Newer, compliant browsers will interpret that header and depending on the settings, will disable inline javascript, which is how the APM adds if forms sso.
In order to fix this, you'll need to either modify the CSP directive for the application, or you can modify it through an iRule. See the following sites for more information on what CSP is and does. Unless the F5 engineers can update the APM SSO to use javascript files for the SSO stuff, this issue may become more prevalent over time with the standardization of HTML5 applications.
- http://www.html5rocks.com/en/tutorials/security/content-security-policy/
- http://www.cspplayground.com/home
Hope this helps.