Forum Discussion
seamlessfirework
Aug 22, 2023Cirrostratus
APM / responding session ID to client with JSON
He guys I am protecting several APIs with the APM module. In case of an error responds are sent in JSON with a plain and simple message "401 unauthorized" with an iRule and a custom iRule event in t...
seamlessfirework
Sep 05, 2023Cirrostratus
Hey PeteWhite,
Thanks for your reply and sorry for my delayed reply. In the meantime I had a discussion with one of my go-to F5 engineers who found a solution for me. Here we go:
when HTTP_RESPONSE_RELEASE {
set block [ACCESS::session data get session.custom.Return401]
# set variable to Return401
log local0. "Block: $block"
if { $block eq "1" } {
# respond JSON when variable block equals 1
set userSessionId [string range [ACCESS::session sid] end-7 end]
HTTP::respond 401 content "{\"title\":\"Unauthorized\",\"status\":401,\"sessionid\":\"$userSessionId\"}" noserver Connection Close WWW-Authenticate Bearer
# respond 401 with JSON body and include "WWW-Authenticate Bearer" in header
# include last 8 bits of MRH session id
ACCESS::session remove
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects