Forum Discussion

EmBee_57573
Jun 11, 2014

APM SSO with ADFS and Sharepoint

Dear all, we want to provide secure authentication and single sign on for several SharePoint portals for internet clients. The SharePoint environment is using ADFS.

 

See picture:

In the DMZ we have the F5 LTM APM running 11.4.

We have configured three virtual servers:

  1. portalA, poolmember is SharePoint A
  2. portal B, poolmember is SharePoint B
  3. adfs virtual, poolmember is the ADFS server

We have created one APM access policy, using SSO, which we have attached to all 3 virtual servers.

(no connectivity profile).

For the SSO profile we use NTLMv1.

Now here is the flow of actions:

  1. user browses to the portalA virtual server and has to log in to the APM login page.
  2. APM authenticates user
  3. user gets connected to the SharePointA. SharePointA server sees that user does not have an ADFS token.
  4. user gets redirected to ADFS

This ADFS is the virtual server (no 3)

ISSUE: Now here the problem starts, as the user gets a pop-up to provide credentials. We would like to get SSO working, i.e. the APM should fill in these credentials.

It seems that APM does not have the credentials of the user to fill in.

Any clue on this?

Thanks!

1 Reply

  • Hi,

    You have to make sure you are using the correct session variable within APM to fill the username/password input in the NTLM SSO config. Moreover, you may provide a domain value for ADFS to accept the credentials (ex: domain\username : password)

    Maybe you can try using Basic auth; it should work fine.

    BR

    Yann