User from internet will login in SSL VPN via url abcd.net.com. In the landing page, there is a cloud application URL (apps.myurl.com), the user will be sent directly to apps.myurl.com upon clicking the URL since I did a no rewrite on the mentioned URL. Apps.myurl.com receives the request and supposed to check the authentication in my DMZ server(lets say myauth.xy.com).
Problem is the customer doesnt want to have a dual authentication. 1st authentication is via SSL VPN and 2nd is in apps.myurl.com.
PS: It works perfectly if user from internet will hit apps.myurl.com. It will forward to authentication server myauth.xy.com.
To perform SSO, you would need to go through the rewrite engine. If you can attempt to only place the login portion of the site through the web rewrite, then perform a 'no rewrite' after the authentication has occurred. The other option is to configure a authorization only url so the PCS device is acting as a proxy and would not require authentication to the PCS device.