Forum Discussion

samdlee_305622's avatar
Icon for Nimbostratus rankNimbostratus
Sep 08, 2017

Sharing APM Session data with Application Server

Hi guys, I am just wondering what's the best practices in terms of sharing APM session data/variables, such as username, attributes from SAML Assertion with the backend application server after successful authentication? For the time being, we sende those info to backend application server as customized HTTP Request Headers, IMO, it is not a good way to do it. Can someone share your valuable experiences with me?


Another scenario is as following: How could multiple backend applications could exchange info/data in between them when user "switches" from App1 to App2 seamlessly thanks to SSO?


Thanks in advance!


  • Hi,


    What variables do you want to share. The most secure solution when user authenticates with SAML is to not "share" variables but enable kerberos SSO.