Sharing APM Session data with Application Server

Question

Hi guys, I am just wondering what's the best practices in  terms of sharing APM session data/variables, such as username, attributes from SAML Assertion with the backend application server after successful authentication? For the time being, we sende those info to backend application server as customized HTTP Request Headers, IMO, it is not a good way to do it. Can someone share your valuable experiences with me?&nbsp;
Another scenario is as following: How could multiple backend applications could exchange info/data in between them when user "switches" from App1 to App2 seamlessly thanks to SSO?&nbsp;
Thanks in advance!&nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
What variables do you want to share. The most secure solution when user authenticates with SAML is to not "share" variables but enable kerberos SSO.&nbsp;

Forum Discussion

Sharing APM Session data with Application Server

1 Reply

Recent Discussions

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

APM OCSP Responder Issues

Related Content

DevCentral 2024 - Share Another Day

Knowledge sharing: F5 Software Upgrade/RMA process

Application Programming Interface (API) Authentication types simplified

Using shared object with BigIP

Knowledge sharing: Investigating/troubleshooting crash and failover events