apm sso form-basedΒΆ
apm sso form-based(1) BIG-IP TMSH Manual apm sso form-based(1) NAME form-based - Configures a single sign-on form-based configuration object. MODULE apm sso SYNTAX Configure the form-based component within the sso module using the syntax shown in the following sections. CREATE/MODIFY create form-based [name] modify form-based [name] options: apm-log-config [[string] | none] app-service [[string] | none] external-access-management [oam | none] form-action [[URL] | none] form-field [string] form-method [get | post] form-password [string] form-username [string] headers [add | delete | modify | | replace-all-with] { [name] { options: app-service [[string] | none] hname [[URL] | none] hvalue [[integer] | none] } } password-source [session.sso.token.last.password | none] start-uri [[URLs] | none] success-match-type [cookie | none | url] success-match-value [string] username-source [session.sso.token.last.username | none edit form-based [ [ [name] | [glob] | [regex] ] ... ] options: all-properties non-default-properties DISPLAY list form-based list form-based [ [ [name] | [glob] | [regex] ] ... ] show running-config form-based show running-config form-based [ [ [name] | [glob] | [regex] ] ... ] options: all-properties non-default-properties one-line partition show form-based show form-based [name] DELETE delete form-based [name] DESCRIPTION You can use the form-based component to configure an SSO form-based configuration object. EXAMPLES create form-based fb_2011_sso { start-uri "/fb/auth/logon.aspxurl=https://exch2011.mv1.fp.com/fp/&reason=0" form-action "/fp/auth/fpauth.dll" form-username "username" form- password "password" form-field "destination https://exch2011.mv1.fp.com/fp/" } Creates an SSO form-based configuration object named fb_2011_sso. OPTIONS apm-log-config Specifies log-setting object to associate with this sso. If this value is empty, logging framework uses log-setting configuration associated with the access profile where sso is used. app-service Specifies the name of the application service to which the object belongs. The default value is none. Note: If the strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the object. Only the application service can modify or delete the object. external-access-management form-action Specifies the form action URL that is used for HTTP form-based authentication. This is optional. If you do not specify a form action, then Access Policy Manager uses the URI from the request to perform HTTP form-based authentication. The default is none. form-field Specifies the hidden form parameters that are required by the authentication server logon form at your location. The default is none. Specify a parameter name, a space, and the parameter value, if any. Multiple parameters can be configured with each "name value" pair in one line. Use edit to add multiple parameters. Please note that create and modify do not allow using new line on the terminal. form-method Specifies the form method to use for form-based HTTP authentication. The value is either get or post. The default is post. If you specify get, Access Policy Manager forces the authentication using HTTP GET rather than authenticating using form-based POST. form-password Specifies the parameter names used by the form that is sent the POST request. form-username Specifies the parameter names used by the form that is sent the POST request. headers Specifies the name and value of the HTTP header content to be inserted in an HTTP Request that passes through the APM SSO module. The default is none. The options are: app-service Specifies the name of the application service to which the HTTP header belongs. The default value is none. Note: If the strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the HTTP header. Only the application service can modify or delete the HTTP header. hname Specifies the name of the HTTP header. hvalue Specifies the value of the HTTP header. [name] Specifies a name for the component. password-source Specifies the password you want cached for single sign-on. The default is session.sso.token.last.password. start-uri Specifies a URL resource. For example, for FB, it would be /fb/auth/logon.aspx*. For Citrix, /Citrix/XenApp/auth/logon.aspx. This resource must respond with a challenge to a non-authenticated request. The default is none. success-match-type Specifies the method your authentication server uses. If you specify a value for this option, you must also specify a value for success-match-value. The default is none. The options are: url One or more URLs. The system supports only the wildcard character (*). cookie A cookie name. success-match-value Specifies the value used to specify either the URL(s) or cookie for the success-match-type option. The default is none. username-source Specify the username you want cached for single sign-on. The default is session.sso.token.last.username. SEE ALSO basic, kerberos, ntlmv1, ntlmv2 COPYRIGHT No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal use, without the express written permission of F5 Networks, Inc. F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015. All rights reserved. BIG-IP 2016-03-02 apm sso form-based(1)