Forum Discussion

Barny_Riches's avatar
Icon for Nimbostratus rankNimbostratus
Mar 20, 2023

APM Features without Session Cookies

Dear All,

I have implemented an application proxy in LTM that uses an iRule along with old Advanced Client Authentication (ACA) features to perform OCSP checks for certificate-based authentication as a fall-back for requests from un-authorised IP addresses.

The reason for an iRule and the old PAM-based authentication is that several of the services that are using the proxy cannot handle/present session cookies. My original implementation was built using APM, which made the whole solution much easier to configure. This worked like a dream for browser access and some command-line clients that could handle cookies. However access failed for client connections that couldn't handle cookies. 

I would love to use APM to replace the existing access rule, especially as old posts like the one below, suggest that the ACA features are likely to be removed at some point: 

Is there any way to use APM based features, such as OCSP Reponder authentication, either natively or from within an iRule, without APM session cookie requirements? Or is APM limited to connections that can handle cookies?

Any advice gratefully received.

5 Replies