For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MDPF52_180608's avatar
MDPF52_180608
Icon for Nimbostratus rankNimbostratus
Sep 11, 2015

APM & JBOSS JSESSIONID

Hello Devcentral,   Currently, I am facing a problem with an implementation of APM as a front-end for a JBOSS application. Basically, the user needs to authenticate on the APM logon page and after...
MDPF52_180608's avatar
MDPF52_180608
Icon for Nimbostratus rankNimbostratus
Sep 11, 2015

Hello Kevin,

thanks for you reply. I think that maybe I will be able to apply the following workaround:

  • remove the HTTP auth event in the APM Policy
  • create iRule event (how I can apply the multiline option to my regexp? 😞

when ACCESS_POLICY_AGENT_EVENT { switch [ACCESS::policy agent_id] { "AUTH" { create connection set server [connect -protocol TCP -timeout 100 -idle 5 -status conn_status xxx.xxx.xxx.xxx:80]

         create POST data
        set postdata "action=xxxn&username=[ACCESS::session data get session.logon.last.username]&password=[ACCESS::session data get session.logon.last.password]&submit=Login"

         create POST request
        set data "POST /test2 HTTP/1.1\r\nalogin_name: [ACCESS::session data get session.logon.last.username]\r\nContent-Length: [string length $postdata]\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n$postdata"

         send the request
        send -status send_status -timeout 300 $server $data

         receieve the response
        set resp [recv -status recv_status -timeout 1000 $server]

        set jsess  regexp (JSESSIONID=.*?\/chp2$) $resp
        log local0. "\$jsess: $jsess"

         create 2nd connection
        set server [connect -protocol TCP -timeout 100 -idle 5 -status conn_status xxx.xxx.xxx.xxx:80]

         create 2nd POST data
        set postdata2 "action=xxxn&username=[ACCESS::session data get session.logon.last.username]&password=[ACCESS::session data get session.logon.last.password]&submit=Login"

         create 2nd POST request
        set data2 "POST /test2 HTTP/1.1\r\nalogin_name: [ACCESS::session data get session.logon.last.username]\r\nCookie:$jsess\r\nContent-Length: [string length $postdata]\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\n$postdata"

         send the 2nd request
        send -status send_status -timeout 300 $server $data

         receieve the 2nd response
        set resp [recv -status recv_status -timeout 1000 $server]



        }   
    }
}

}

Do you think that this will work ?

Thanks in advance,

M.