Shared Authentication Domains on BIG-IP APM
Published Feb 14, 2017
Version 1.0Was this article helpful?
Yes, in a per-session policy once you have a session in Allow state and have access to the MRHSession cookie, no further prompts will be performed. The only way to address this would be to use a per-Request access policy on App3 to perform "step-up" authentication.