diff --git a/docs/class1/module3/images/lab3-change-ending-allow.png b/docs/class1/module3/images/lab3-change-ending-allow.png new file mode 100644 index 0000000..ba83c92 Binary files /dev/null and b/docs/class1/module3/images/lab3-change-ending-allow.png differ diff --git a/docs/class1/module3/images/lab3-client-cert-config.png b/docs/class1/module3/images/lab3-client-cert-config.png new file mode 100644 index 0000000..49f401e Binary files /dev/null and b/docs/class1/module3/images/lab3-client-cert-config.png differ diff --git a/docs/class1/module3/images/lab3-empty-branch.png b/docs/class1/module3/images/lab3-empty-branch.png new file mode 100644 index 0000000..9b8a693 Binary files /dev/null and b/docs/class1/module3/images/lab3-empty-branch.png differ diff --git a/docs/class1/module3/images/lab3-final-allow.png b/docs/class1/module3/images/lab3-final-allow.png new file mode 100644 index 0000000..70ea8df Binary files /dev/null and b/docs/class1/module3/images/lab3-final-allow.png differ diff --git a/docs/class1/module3/images/lab3-http-profile.png b/docs/class1/module3/images/lab3-http-profile.png new file mode 100644 index 0000000..0fa2520 Binary files /dev/null and b/docs/class1/module3/images/lab3-http-profile.png differ diff --git a/docs/class1/module3/images/lab3-list-cert.png b/docs/class1/module3/images/lab3-list-cert.png new file mode 100644 index 0000000..a19a1a7 Binary files /dev/null and b/docs/class1/module3/images/lab3-list-cert.png differ diff --git a/docs/class1/module3/images/lab3-persession.png b/docs/class1/module3/images/lab3-persession.png new file mode 100644 index 0000000..650aeb1 Binary files /dev/null and b/docs/class1/module3/images/lab3-persession.png differ diff --git a/docs/class1/module3/images/lab3-profile-auth.png b/docs/class1/module3/images/lab3-profile-auth.png new file mode 100644 index 0000000..b88fdbe Binary files /dev/null and b/docs/class1/module3/images/lab3-profile-auth.png differ diff --git a/docs/class1/module3/lab1.rst b/docs/class1/module3/lab1.rst index 3eb2110..e5db07d 100644 --- a/docs/class1/module3/lab1.rst +++ b/docs/class1/module3/lab1.rst @@ -1,65 +1,18 @@ -Lab 3.1 - Creating a Certificate -################################ +Lab 3.1 - Check CA Certificate +############################## -Create a certificate in Next Central Manager -******************************************** +In your lab environment, a Certificate Authority is already up and running. The CA certificate has been added into BIG-IP Next CM. -1. Access **BIG-IP Next Central Manager** if you're not already logged in. +* In Applications menu, and Certificates & Keys sub-menu, check the certificate list +* You can see the CA certificate called CA-DEMO -.. image:: images/lab3-cmlogin.png - :width: 600 px +.. image:: images/lab3-list-cert.png + :width: 1200 px -2. Click on the Workspace button and select **Application**. - -.. image:: images/lab3-app1.png - :width: 600 px - -3. Click on **Certificate & Keys** - -.. image:: images/lab3-certkeysbtn.png - :width: 600 px - -4. Click on **Add** button to add a certifcate. - -.. image:: images/lab3-certadd.png - :width: 600 px - -5. In the **Add Certificate & Keys** fly out menu - -- Select the **Import a Certificate**. -- Under **Name**, select **New**, and type: **ADDC_CA** -- In the **Tag** drop down box, select **Access** -- In the **Type** drop down box, select **Certificate** -- In the **Source** section, select **Import** -- In the **Certificate Section**, click on the **Import** button, and import the **f5access-ADDC-CA.crt** certificate +* Click on ``CA-DEMO`` -.. note:: The certificates are in the Access Lab folder in Documents as well as pinned to the Windows Explorer Quick Access - -The result should look like the image below. - -.. image:: images/lab3-cacert.png - :width: 600 px - -1. Click **Save** - -You have successfully uploaded a certificate. - - - - - - - - - - - - - - - - - - + * You can notice the object is a ``Certificate Bundle``, and not a certificate + * You can see details of the CA +.. note:: This CA will be used to validate the client certificate presented by the browser. This CE has been imported and trusted into the client browser. diff --git a/docs/class1/module3/lab2.rst b/docs/class1/module3/lab2.rst index 316daef..3b38bc3 100644 --- a/docs/class1/module3/lab2.rst +++ b/docs/class1/module3/lab2.rst @@ -19,14 +19,14 @@ Creating an security policy with client cert authentication .. image:: images/lab3-accessbtn.png :width: 600 px -4. Click **Start Creating** button to create a new Access policy +4. Click **Start Creating** button to create a new Access policy, or click on **Create** if you have already several policy created. .. image:: images/lab3-createapbtn.png :width: 600 px -5. This will open Access Visual Policy Design screen. Click on the pencil next to create new policy. +5. This will open Access Visual Policy Design screen. Choose a **Per-Session Policy** and **Start from Scratch**, click Next -.. image:: images/lab3-createpolicypencil.png +.. image:: images/lab3-persession.png :width: 600 px 6. In the **Create Policy** screen, this is where you set the different properties of the policy, such as, logging, language, Single Sign On, etc… Let’s start configuring the policy Start Selecting policy name and adjust policy parameters. @@ -64,7 +64,9 @@ In the **General Properties** screen set the following parameters, for the rest .. image:: images/lab3-resources.png :width: 600 px -12. **Policy Endings** you can define additional policy ending logic as needed for your use case here. For this lab we will accept the default. Click **Finish**. +12. **Connectivity** you can set the SSL VPN (Network Access) connectivity settings. Keep as default and click **Continue** + +13. **Policy Endings** you can define additional policy ending logic as needed for your use case here. For this lab we will accept the default. Click **Finish**. .. image:: images/lab3-policyendings.png :width: 600 px @@ -74,7 +76,7 @@ After clicking on **Finish** it should bring you back to the Create Policy scree .. image:: images/lab3-createpolicy2.png :width: 600 px -13. Under **Flows**, drag and drop **Empty** flow to the VPD. You will need click on the little dots to the right of the flow type to grab the flow and drop into the VPD. +14. Under **Flows**, drag and drop **Empty** flow to the VPD. You will need click on the little dots to the right of the flow type to grab the flow and drop into the VPD. .. image:: images/lab3-emptyflow.png :width: 600 px @@ -88,72 +90,52 @@ The result should look like the following screen shot. .. image:: images/lab3-emptyok.png :width: 600 px -14. Click inside the Flow type box. This show 3 buttons; **Delete**, **Edit**, and **Collapse** buttons. Click on the **Collapse** button to start adding Rules to the Flow. +15. Click inside the Flow type box. This show 3 buttons; **Delete**, **Edit**, and **Collapse** buttons. Click on the **Collapse** button to start adding Rules to the Flow and Editing settings. .. image:: images/lab3-allthebtns.png :width: 600 px -15. On the left hand side menu, select the **R** (Rules) button, and scroll down on the **Rules** till you find **On-Demand Certificate Authentication**. +16. Click on the **pen** to edit the Empty box. Change the name to **client-cert-auth** and add a new ending branch called **Allow** + +.. image:: images/lab3-empty-branch.png + :width: 600 px + +17. On the left hand side menu, select the **R** (Rules) button, and scroll down on the **Rules** till you find **On-Demand Certificate Authentication**. .. image:: images/lab3-rules1.png :width: 600 px -16. Click and drag **On-Demand Certificate Authenticate** to the VPD. +17. Click and drag **On-Demand Certificate Authenticate** to the VPD. .. image:: images/lab3-rules2.png :width: 600 px -17. Edit the **On-Demand Certificate** rule by clicking on the edit button. +18. Edit the **On-Demand Certificate** rule by clicking on the edit button. .. image:: images/lab3-rules3.png :width: 600 px -18. In the **Rule Configurations**, **Rule Properties**, change **Authentication Mode** to **Require**. Click **Continue**. +19. In the **Rule Configurations**, **Rule Properties**, change **Authentication Mode** to **Require**. Click **Continue** and **Finish** .. image:: images/lab3-rules4.png :width: 600 px -19. In the **Rule Configurations**, **Branches** screen we will add another branch for a successful authentication. +20. Change the **Deny** ending of the successful branch by the **Allow** ending -Click on **Create** button to add a new Branch - -.. image:: images/lab3-branches.png +.. image:: images/lab3-change-ending-allow.png :width: 600 px -20. In the **Create Branch** screen, adjust the parameters to the following, and click **Save** when done. - -- **Name:** Successful -- **Context:** Client Certificate -- **Condition:** Validity -- **Client Certificate:** Valid - -.. image:: images/lab3-branches2.png - :width: 600 px -You should now have two branches in Successful and Fallback, see image below. Click **Finish**. - -.. image:: images/lab3-branchcomp.png - :width: 600 px - -21. Click on the **Collapse** button to close the **Rules and Flow** box so you’re back to the main VPD. See image below for reference. +21. Click on the **Collapse** button to close the **Rules and Flow** box so you’re back to the main VPD. See image below for reference. .. image:: images/lab3-branchclose.png :width: 600 px -22. Click on **Edit** button on the **Empty Flow** box. This will open up the **Empty Flow** property screen. - -.. image:: images/lab3-term1.png - :width: 600 px - -23. We want to add another terminal or Flow Ending for an Allow policy if the certificate matches. - -- Click on **Create** to add another Flow Ending -- In the **Name** box type **Allow** -- Select the color **#199D4D** (Green) for the Allow ending +22. On the **Allow** branch, change the ending to **Allow**. -.. image:: images/lab3-flowending.png +.. image:: images/lab3-final-allow.png :width: 600 px -24. Save the policy and close the VPD by clicking on **Cancel**. +23. Save the policy and close the VPD by clicking on **Exit**. You have completed creating a security policy. Next we will deploy an Application and assigned the access policy. \ No newline at end of file diff --git a/docs/class1/module3/lab3.rst b/docs/class1/module3/lab3.rst index e06c317..d86a6a6 100644 --- a/docs/class1/module3/lab3.rst +++ b/docs/class1/module3/lab3.rst @@ -54,33 +54,28 @@ Creating an application and assign an Access policy to the application .. image:: images/lab3-pp.png :width: 600 px -10. Next to **Please choose an trust CA certificate**, select the CA certificate we uploaded earlier in the lab. +10. Click on the **Add** button to create a new client ssl profile, and add the following information -.. image:: images/lab3-cacert2.png - :width: 600 px - -11. Click on the **Add** button under the **No Client-Side TLS** to add a certificate. +- **Name:** client-cert-auth +- **RSA Certificate:** self_demo.f5.com +- Click **Continue** -.. image:: images/lab3-tls.png +.. image:: images/lab3-client-cert-config.png :width: 600 px -12. In the Add **Client-Side TLS** screen, input the following information +11. In Authentication menu, **Enable Authentication** with the following information -- **Name:** cert_auth -- **RSA Certificate:** self_demo.f5.com +- **Client certificate authentication mode** : Request +- **Trusted Certificate Authorities** : xca-demo - Click **Save** -.. image:: images/lab3-addtls.png +.. image:: images/lab3-profile-auth.png :width: 600 px -Before continuing, please verify the proper certificates has been applied, see image below for reference. - -.. image:: images/lab3-certcheck.png - :width: 600 px -13. This will take you back to the **Protocols and Profiles** screen. Keep the rest of the settings as default. Click **Save**. +12. This will take you back to the **Protocols and Profiles** screen. Enable the **HTTP Profile**. Click **Save**. -.. image:: images/lab3-addtls2.png +.. image:: images/lab3-http-profile.png :width: 600 px 14. This will take you back to the **Virtual Server** screen. Now we will attach the Access Policy we created previously to this application. Click on the **Edit** button under Security Policies. diff --git a/docs/class1/module3/lab4.rst b/docs/class1/module3/lab4.rst index 4daa6eb..3ce5aff 100644 --- a/docs/class1/module3/lab4.rst +++ b/docs/class1/module3/lab4.rst @@ -4,15 +4,9 @@ Lab 3.4 - Test Application Test Connectivity to Application ******************************** -1. Open a new Chrome browser or tab and type: https://10.1.10.112 - -.. image:: images/lab3-security.png - :width: 600 px - -You may get a security warning **Your Connection is Not Private**, this is because we're using a self-signed certificate. It is safe to proceed. - -2. You will get a pop up to Select a certificate pop in the browser, verify it’s the ADDC CA certificate you have uploaded earlier, click **Ok**. +1. Open a new Firefox browser or tab and type: https://client-cert.example.com +2. You will get a pop up to Select a user certificate pop in the browser, select the user-cert certificate , click **Ok**. 3. You should see the F5 Demo App after a successful login. diff --git a/docs/class1/module3/module3.rst b/docs/class1/module3/module3.rst index 1808d65..52999c6 100644 --- a/docs/class1/module3/module3.rst +++ b/docs/class1/module3/module3.rst @@ -7,7 +7,6 @@ In this lab we will explore how to setup certificate based authentication. **Learning Objectives:** -- Import CA Certificate to Central Manager - Create Policy via Visual Policy Designer (VPD). - Assign Flows and rules to the policy. - Create Application and associate it with policy diff --git a/docs/class2/module2/lab1.rst b/docs/class2/module2/lab1.rst index b0a0e86..1855e29 100644 --- a/docs/class2/module2/lab1.rst +++ b/docs/class2/module2/lab1.rst @@ -1,178 +1,3 @@ Lab 2.1 - Create an Access Security Policy ########################################## -Creating a security policy with signed SAML assertion -***************************************************** - -1. Access **BIG-IP Next Central Manager** if you're not already logged in. - -.. image:: images/lab2-cmlogin.png - :width: 600 px - -2. Click on the Workspace icon and select Security - -.. image:: images/lab1-securitybtn.png - :width: 600 px - -3. Under Security you will find all the security modules such as Access, WAF, and SSLO for example. The module may need to be enabled for the feature menu to show up on the Security list. For this lab we have already enabled Access module. - -Click on **Access** from the Security menu, this should default to Policies. - -.. image:: images/lab1-accessbtn.png - :width: 600 px - -4. Click **Start Creating** button to create a new Access policy - -.. image:: images/lab1-createapbtn.png - :width: 600 px -5. This will open Access Visual Policy Design screen. Click on the pencil next to create new policy. - -.. image:: images/lab1-createpolicypencil.png - :width: 600 px - -6. In the **Create Policy** screen, this is where you set the different properties of the policy, such as, logging, language, Single Sign On, etc… Let’s start configuring the policy by setting a policy name and policy parameters. - -In the **General Properties** screen set the following parameters, for the rest of the settings you may leave it as default. - -- **Policy Name:** okta_signed_policy -- **Cookie Option:** check the **Secure** box -- Click **Continue** - -.. note:: As you continue the rest of the policy creation process, see the screen shot in each section for a visual example of the configuration. - -.. image:: images/lab1-oktageneral.png - :width: 600 px - -7. **Session Properties** screen, you can specify session specific settings in this screen. For this lab we will keep the default settings. Click **Continue**. - -.. image:: images/lab1-oktasession.png - :width: 600 px - -8. **Logging screen** you can adjust the logging level to help with debugging or troubleshooting. For this lab we will keep the default settings. Click **Continue**. - -.. image:: images/lab1-oktalogging.png - :width: 600 px - -9. **Single Sign On** screen, you can set the Single Sign On configuration with an IDP. For this lab we will not use any SSO. Click **Continue**. - - -.. image:: images/lab1-oktasso.png - :width: 600 px - -10. **Endpoint Security** screen, you can setup Endpoint Security such as ensuring firewall is enabled on a client workstation before access is granted. For this lab we will not use this feature. Click **Continue**. - -.. image:: images/lab1-oktaendpoint.png - :width: 600 px - -11. **Resources** screen, you can set additional capabilities and features such as Network Access, and Webtops in this screen. For this lab we will not use these capabilities. Click **Continue**. - -.. image:: images/lab1-oktaresources.png - :width: 600 px - -12. **Policy Endings** screen, you can define additional policy ending logic as needed for your use case here. For this lab we will accept the default settings. Click **Finish**. - -.. image:: images/lab1-oktapolicyendings.png - :width: 600 px - -After clicking on **Finish** it should bring you back to the Create Policy screen. Now, we will use the Visual Policy Designer (VPD) to build the policy. - -In Next Access we have two terms in the Visual Policy Designer (VPD); **Flows** and **Rules**. We set the Flows in the Visual Policy Designer (VPD) and within each Flow we can define multiple Rules. - -.. image:: images/lab1-createpolicy2.png - :width: 600 px - -13. Under **Flows**, drag and drop **Generic SAML Federation** flow to the VPD. You will need click on the little dots to the right of the flow type to grab the flow and drop into the VPD. - -.. image:: images/lab1-oktasaml.png - :width: 600 px - -When dropping the flow type onto the VPD, you will want to make sure the flow type box is over the plus sign and the plus sign turns blue. - -.. image:: images/lab1-oktasamldragndrop.png - :width: 600 px - -The result should look like the following screen shot. - -.. image:: images/lab1-oktasamldragndrop2.png - :width: 600 px - -14. Click inside the **Flow** type box. This show 3 buttons; **Delete**, **Edit**, and **Collapse** buttons. Click on the **Collapse** button to start adding **Rules** to the Flow. - -.. image:: images/lab1-oktaflowbox1.png - :width: 600 px - -Clicking on the **Collapse** button will expand the SAML Federation Flow type box. - -.. image:: images/lab1-oktasamlflow1.png - :width: 600 px - -.. note:: Noticed the title on the top left hand corner is Generic-SAML-Federation followed by a series of unique numbers. This can help identify which Flow you're currently viewing in VPD. - -15. Click inside the **SAML-Federation** Rule box, and select the **Edit** button - -.. image:: images/lab1-oktasamlrule1.png - :width: 600 px - -This will open the SAML Federation Rule properties screen. Please follow the images below for each section. - -16. In the **Rule Configuration**, **Rule Properties** screen, add **SAML-Federation-Okta-Rule** as the name of the rule, leave the rest as default. Click **Continue**. - -.. image:: images/lab1-oktasamlrule2.png - :width: 600 px - -17. In the **Rule Configuration**, **Providers** screen, this is where you can configure Service Provider and Identity Provider. - -.. image:: images/lab1-oktasamlruleproviders.png - :width: 600 px - -18. For this lab, we will need to configure both a **Service Provider** and **Identity Provider**. - -In the **Service Provider** section, click on the **Start Creating** button. - -.. image:: images/lab1-oktasamlrule3.png - :width: 600 px - -19. In the **Add Service Provider** screen add the following parameters: - -- **EntityID:** https://signed.example.com -- **Host:** https://signed.example.com -- **Check Want Signed Assertion** box -- Click **Save** - -.. image:: images/lab1-oktasamlrule4.png - :width: 600 px - -20. In the **Identity Provider** section, click on the **Start Creating** button. - -.. image:: images/lab1-oktasamlidentity.png - :width: 600 px - -21. In the **Add Idnentity Provider** screen add the following parameters: - -- **EntityID:** http://www.okta.com/exk93cs4on3gGVej44x7 -- **SSO URL:** https://dev-818899.okta.com/app/dev-818899_signedexamplecom_1/exk93cs4on3gGVej44x7/sso/saml -- **Identity Provider’s Assertion Verification Certificate:** select the *okta_signed_cert* -- Click **Save** - -22. Below is a summary of the completed Providers screen confirm you have both a Service Provider and Identity Provider configured, then Click **Continue**. - -.. image:: images/lab1-oktasamlconfirm.png - :width: 600 px - -23. In the **Branches** screen, keep the default. Click **Finish**. - -.. image:: images/lab1-oktasamlrule6.png - -24. This should bring you back to the Visual Policy Designer. Close the SAML flow by clicking on the **Collapse** icon. - -25. In the SAML Flow, change the Allow flow ending from Deny to **Allow**. - -.. image:: images/lab1-oktasamlrule7.png - :width: 600 px - -26. Click **Save** button at the top right hand corner to save the policy. After the policy is saved, click **Cancel** to close the policy. - -.. image:: images/lab1-policycreated.png - :width: 600 px - -You have completed creating a security policy. Next we will deploy an Application and assigned the access policy. \ No newline at end of file diff --git a/docs/class2/module2/lab2.rst b/docs/class2/module2/lab2.rst index e57bd70..f267fe7 100644 --- a/docs/class2/module2/lab2.rst +++ b/docs/class2/module2/lab2.rst @@ -1,157 +1,3 @@ Lab 2.2 - Create an Application ############################### -Creating an application and assign an Access policy to the application -********************************************************************** - -1. Access **BIG-IP Next Central Manager** if you're not already logged in. - -.. image:: images/lab2-cmlogin.png - :width: 600 px - -2. Click on the **Workspace** icon and select **Application**. - -.. image:: images/lab3-app1.png - :width: 600 px - -3. Click on **Start Adding Apps** button to create an Application. - -.. image:: images/lab3-app3.png - :width: 600 px - -4. In the **Add Application** screen, you can choose to create an application based on a template or create a standard application from scratch. In this lab, we will start with a **Standard** application. - -In the **Application Service Name** type: demo_okta_app, click **Start Creating** - -.. image:: images/lab3-app4.png - :width: 600 px - -5. In the **Application Service Properties** screen, click on **Start Creating** to start creating a virtual server. - -.. image:: images/lab3-app5.png - :width: 600 px - -6. In the **Application Services Properties** screen, **Virtual Servers tab**, you will define the virtual servers, pools, and profiles. Let’s start with creating Pools. - -.. image:: images/lab3-app6.png - :width: 600 px - -7. Click on **Pools** tab, and Click on **Create** button. - -.. image:: images/lab3-app7.png - :width: 600 px - -8. Define the following pool properties: - -- **Pool Name:** okta_pool -- **Load-Balancing Mode:** round-robin - -.. image:: images/lab3-app8.png - :width: 600 px - -9. Click on **Virtual Servers** tab, and define the following virtual server properties. - -- **Virtual Server Name:** vs_okta -- **Pool:** okta_pool -- **Virtual Port:** 443 - -.. image:: images/lab3-app9.png - :width: 600 px - -10. Click on the edit button under **Protocols & Profiles**. - -11. In the **Protocols and Profiles**, tick the slider button for **Enable HTTPS (Client-Side TLS)**. This will enable the features under HTTPS. Click on the **Add** button under the **No Client-Side TLS** to add a certificate. - -.. image:: images/lab3-app10.png - :width: 600 px - -12. In the **Add Client-Side TLS** screen, provide the input the following information. - -- **Name:** okta_signed_client_cert -- **RSA Certificate:** Select the *self_demo.f5.com* certificate -- Click **Save** - -.. image:: images/lab3-app11.png - :width: 600 px - -13. This should take you back to the **Protocols and Profiles** screen. Keep the rest of the settings as default. Click **Save**. - -.. image:: images/lab3-app12.png - :width: 600 px - -14. This will take you back to the Virtual Server screen. Now we will attach the Access Policy we have created previously to this application. Click on the edit button under **Security Policies**. - -.. image:: images/lab3-app13.png - :width: 600 px - -15. This will open the **Security Policies** screen. Slide the button next to **Use an Access Policy**. Under **Specify the Access Policy for this Application**, click the drop down box and select the *okta_signed_policy* created previously. Click **Save**. - -.. image:: images/lab3-app14.png - :width: 600 px - -16. After clicking **Save**, you should be returned to the Virtual Server property page. Click on **Review & Deploy** at the bottom right-hand corner. - -.. image:: images/lab3-app15.png - :width: 600 px - -17. In the **Deploy-to** screen, this is where you define which BIG-IP Next instance to deploy the application. Click on **Start Adding** to select a BIG-IP Next Instance. - -.. image:: images/lab3-app16.png - -18. In the drop down box, select *big-ip-next-03.example.com*, then click on **Add to List** button. - -.. image:: images/lab3-app17.png - :width: 600 px - -19. Add **Virtual Address** *10.1.10.101* to associate with the vs_okta. - -.. image:: images/lab3-app18.png - :width: 600 px - -20. Click on the drop down arrow under the **Members** column. This is where we will add the backend pool members to the virtual server. - -.. image:: images/lab3-app19.png - :width: 600 px - -21. In the okta_pool screen, click on **Add** Row, and enter the following information for the pool member. - -- **Name:** backend_okta_signed -- **IP Address:** 10.1.20.6 -- Click **Save** - -.. image:: images/lab3-app20.png - :width: 600 px - -22. Now you’re ready to Deploy your application. Click on **Deploy Changes** at the bottom right-hand corner. - -.. image:: images/lab3-app21.png - :width: 600 px - -23. Confirm in the pop up window that you’re deploy to big-ip-next-03.example.com instance. - -.. image:: images/lab3-app22.png - :width: 600 px - -Click on **Yes, Deploy**. - -24. You will get a status pop up window, and after a few seconds, the screen should refresh and show you the My Application Service dashboard, with a confirmation that Deployment Complete. - -.. image:: images/lab3-app23.png - :width: 600 px -.. image:: images/lab3-app24.png - :width: 600 px - -25. My Application Services Dashboard should show you one application has been deployed, and Health is Good. - -.. image:: images/lab3-app25.png - :width: 600 px - -Yay! You have completed deploying an Application and have associated it with an Access policy. Let's move to the next step to test the Application you have just deployed. - - - - - - - - diff --git a/docs/class2/module2/lab3.rst b/docs/class2/module2/lab3.rst index 8b4c157..1d00091 100644 --- a/docs/class2/module2/lab3.rst +++ b/docs/class2/module2/lab3.rst @@ -1,24 +1,2 @@ Lab 2.3 - Test Application ########################## - -Test Connectivity to the Application -************************************ - -1. In a new Chrome browser window type the following URL: https://signed.example.com - -You may get a security warning **Your Connection is Not Private**, this is because we're using a self-signed certificate. It is safe to proceed. - -.. image:: images/lab4-warn.png - :width: 600 px - -2. When prompted for Okta authentication enter the following username/password: user1/user1 - -.. image:: images/lab4-logon.png - :width: 600 px - -You should see the F5 Demo App after a successful login. - -.. image:: images/lab4-success.png - :width: 600 px - -This concludes Lab 1 - SAML Federation with Okta. \ No newline at end of file