Bug ID 679898: When two BIG-IP virtual servers are configured with multi-domain SSO, under certain conditions you might encounter HTTP redirect loop.

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,

Fixed In:

Opened: Aug 23, 2017

Severity: 3-Major


After successful authentication on the primary auth virtual server, and successful redirect to the application virtual server, when you click the back button on the web browser, the system re-requests the multi-domain auth URL. This might result in an HTTP redirect loop.


Possible HTTP redirect loop.


-- The BIG-IP system is configured with the multi-domain authentication service for the web applications sitting behind virtual servers configured for LTM-plus-APM. -- The APM multi-domain authentication service is configured with an access policy that does not contain a webtop. -- A 'Primary Authentication URI' virtual server does not have an LTM pool assigned to it.



Fix Information

A client redirect loop that occurred with APM multi-domain SSO configurations has been corrected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips