apm sso form-basedΒΆ
apm sso form-based(1) BIG-IP TMSH Manual apm sso form-based(1)
NAME
form-based - Configures a single sign-on form-based configuration
object.
MODULE
apm sso
SYNTAX
Configure the form-based component within the sso module using the
syntax shown in the following sections.
CREATE/MODIFY
create form-based [name]
modify form-based [name]
options:
apm-log-config [[string] | none]
app-service [[string] | none]
external-access-management [oam | none]
form-action [[URL] | none]
form-field [string]
form-method [get | post]
form-password [string]
form-username [string]
headers [add | delete | modify | | replace-all-with] {
[name] {
options:
app-service [[string] | none]
hname [[URL] | none]
hvalue [[integer] | none]
}
}
password-source [session.sso.token.last.password | none]
start-uri [[URLs] | none]
success-match-type [cookie | none | url]
success-match-value [string]
username-source [session.sso.token.last.username | none
edit form-based [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list form-based
list form-based [ [ [name] | [glob] | [regex] ] ... ]
show running-config form-based
show running-config form-based [ [ [name] | [glob] |
[regex] ] ... ]
options:
all-properties
non-default-properties
one-line
partition
show form-based
show form-based [name]
DELETE
delete form-based [name]
DESCRIPTION
You can use the form-based component to configure an SSO form-based
configuration object.
EXAMPLES
create form-based fb_2011_sso { start-uri
"/fb/auth/logon.aspxurl=https://exch2011.mv1.fp.com/fp/&reason=0"
form-action "/fp/auth/fpauth.dll" form-username "username" form-
password "password" form-field "destination
https://exch2011.mv1.fp.com/fp/" }
Creates an SSO form-based configuration object named fb_2011_sso.
OPTIONS
apm-log-config
Specifies log-setting object to associate with this sso. If this
value is empty, logging framework uses log-setting configuration
associated with the access profile where sso is used.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
external-access-management
form-action
Specifies the form action URL that is used for HTTP form-based
authentication. This is optional. If you do not specify a form
action, then Access Policy Manager uses the URI from the request
to perform HTTP form-based authentication. The default is none.
form-field
Specifies the hidden form parameters that are required by the
authentication server logon form at your location. The default is
none. Specify a parameter name, a space, and the parameter value,
if any. Multiple parameters can be configured with each "name
value" pair in one line. Use edit to add multiple parameters.
Please note that create and modify do not allow using new line on
the terminal.
form-method
Specifies the form method to use for form-based HTTP
authentication. The value is either get or post. The default is
post.
If you specify get, Access Policy Manager forces the
authentication using HTTP GET rather than authenticating using
form-based POST.
form-password
Specifies the parameter names used by the form that is sent the
POST request.
form-username
Specifies the parameter names used by the form that is sent the
POST request.
headers
Specifies the name and value of the HTTP header content to be
inserted in an HTTP Request that passes through the APM SSO
module. The default is none.
The options are:
app-service
Specifies the name of the application service to which the
HTTP header belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service
that owns the object, you cannot modify or delete the HTTP
header. Only the application service can modify or delete the
HTTP header.
hname
Specifies the name of the HTTP header.
hvalue
Specifies the value of the HTTP header.
[name]
Specifies a name for the component.
password-source
Specifies the password you want cached for single sign-on.
The default is session.sso.token.last.password.
start-uri
Specifies a URL resource. For example, for FB, it would be
/fb/auth/logon.aspx*. For Citrix, /Citrix/XenApp/auth/logon.aspx.
This resource must respond with a challenge to a non-authenticated
request.
The default is none.
success-match-type
Specifies the method your authentication server uses. If you
specify a value for this option, you must also specify a value for
success-match-value. The default is none. The options are:
url One or more URLs. The system supports only the wildcard
character (*).
cookie
A cookie name.
success-match-value
Specifies the value used to specify either the URL(s) or cookie
for the success-match-type option. The default is none.
username-source
Specify the username you want cached for single sign-on. The
default is session.sso.token.last.username.
SEE ALSO
basic, kerberos, ntlmv1, ntlmv2
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015. All rights
reserved.
BIG-IP 2016-03-02 apm sso form-based(1)