Forum Discussion

Nimbostratus

Jan 10, 2014

SAML Cookie Persistence after browser/system restart and across service providers

I am fairly new to the F5 world and in the beginning of setting up our LTM's as SAML IdP's for a variety of services. Our first use-case is Jive, which we have working and all the attributes are pul...

Nimbostratus

Feb 06, 2014

Thanks I'll test this today.

We use our Idps in a similar way, we have our a VS fpr each idp. i.e. dropbox.company.com and google.company.com. I have setup dropbox with a redirect irule "ACCESS::respond 302 Location https://dropbox.company.com/saml/idp/res?id=/SSO/dropbox"

So from my understanding the cookie should now be set for requests coming to dropbox.company.com - and subsequent service provider samlrequests should not challenge my idp for creds as I should pass the cookie header. Is your solution tested for IDP initiated SAML logon or is this something you don't use? Reason is, after implementing, when I close my browser and go back to my idp dropbox.company.com it presents me with the same logon form.

Forum Discussion

SAML Cookie Persistence after browser/system restart and across service providers

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

Enable SAML Service Provider on F5 Distributed Cloud Application

F5 Terraform providers – Helping to implement Infrastructure as Code

Service Discovery and authentication options for Kubernetes providers (EKS, AKS, GCP)

Decoding the IPv4 address from the persistence cookie