Forum Discussion
Stanislas_Piro2
Mar 28, 2017Cumulonimbus
I think you can use multi-domain SSO instead of your configuration.
multi domain SSO is used to provide authentication on only one URL:
webtop.domain.com
when a user access to app1.domain.com,
- he is redirected to https://webtop.domain.com
- after authentication, he is redirected to app1.domain.com
you can define hundreds of URLs authenticating on the same URL.
if the user access to https://webtop.domain.com, you can assign a webtop with webtop links.
My irule must be modified for to be compatible with Multi-domain SSO:
when HTTP_REQUEST {
if { ( [set MRHSession_cookie [HTTP::cookie value "MRHSession"]] ne "" ) and ( [ACCESS::session exists -state_allow $MRHSession_cookie] ) } then {
log local0. "URI: [HTTP::uri]"
if { [HTTP::uri] equals "/" && ([set webtop [ACCESS::session data get -sid $MRHSession_cookie "session.assigned.webtop"]] ne "")} {
if {[PROFILE::access domain_mode] && [URI::host [PROFILE::access primary_auth_service]] equals [HTTP::host]} {
HTTP::redirect "/vdesk/webtop.eui?webtop=${webtop}&webtop_type=webtop_full";
}
}
}
}
EDIT : I corrected the irule according to Sergi's comment about the missing
]