VinothM3 Member since 2015 2 posts
Health Alliance Plan
Posted: May 10, 2017
Last activity: May 25, 2017
Closed
Solved

SSO integration using F5 URI Rewrite

Hi,

We have recently implemented an SSO solution using SAML 2.0 which leverages F5 LTM to redirect requests to the service provider based on the IDP posting URI. Please be advised that Pega is the SP application.

Here is how the flow works:

  • The user logs in to the IDP application and initiates a request to access the service provider
  • The IDP generates the assertion and posts the request
  • F5 uses URI rewrite to look for the posting URI and, if it contains a specific keyword, redirects the request to the SP application for authentication and launching the application.
  • The URI rewrite also ensures the URL is masked to show the IDP application domain (e.g. https://www.portal.com), not the SP Pega domain (https://www.pegahostUrl/prweb/)

That said, we would like to hear feedback on this solution from this community and also get advice on challenges anyone faced going down this route.

*IDP - Identity Provider, SP - Service Provider
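A check that matters for the masked-URL flow described in the post, as an added example that is not part of the original post and is not Pega or F5 code: in SAML 2.0 the response's Destination and the bearer Recipient name the URL the IdP posted to, so an SP behind the rewrite has to expect the public URL rather than its own host name. The hosts are the ones quoted in the post; the `acs` path and the sample response are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Hosts are the ones quoted in the post; the "acs" path is a hypothetical placeholder.
PUBLIC_ACS = "https://www.portal.com/prweb/acs"        # what the browser and IdP see
INTERNAL_ACS = "https://www.pegahostUrl/prweb/acs"     # what the SP host calls itself


def normalize(url):
    """Reduce a URL to (scheme, host, effective port, path) for comparison.
    Lower-casing the host and filling in default ports is this example's policy."""
    u = urlsplit(url)
    port = u.port or {"https": 443, "http": 80}.get(u.scheme)
    return (u.scheme, (u.hostname or "").lower(), port, u.path)


def check_endpoints(response_xml, expected_acs):
    """List mismatches between a SAML Response and the ACS URL the SP expects.
    Signature and condition checks are out of scope here."""
    root = ET.fromstring(response_xml)  # use a hardened parser for untrusted input
    want = normalize(expected_acs)
    problems = []
    dest = root.get("Destination")
    if dest is None or normalize(dest) != want:
        problems.append(f"Destination {dest!r} does not match {expected_acs!r}")
    confirmations = root.findall(".//saml:SubjectConfirmationData", NS)
    if not confirmations:
        problems.append("assertion carries no SubjectConfirmationData")
    for node in confirmations:
        recipient = node.get("Recipient")
        if recipient is None or normalize(recipient) != want:
            problems.append(f"Recipient {recipient!r} does not match {expected_acs!r}")
    return problems


def sample_response(acs):
    """Constructed, unsigned SAML Response posted to `acs` (illustration only)."""
    return (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
            f'Destination="{acs}"><saml:Assertion><saml:Subject>'
            '<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">'
            f'<saml:SubjectConfirmationData Recipient="{acs}"/>'
            '</saml:SubjectConfirmation></saml:Subject></saml:Assertion></samlp:Response>')


if __name__ == "__main__":
    posted = sample_response(PUBLIC_ACS)            # IdP posts to the masked URL
    print(check_endpoints(posted, PUBLIC_ACS))      # SP configured with the public URL
    print(check_endpoints(posted, INTERNAL_ACS))    # SP configured with its own host name
```

The second call reports both a Destination and a Recipient mismatch, which is how this kind of rewrite typically shows up as a rejected assertion on the SP side.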

Low-Code App Development Security
Moderation Team has archived post