Forum Discussion
APM HTTP auth
Hi,
I am trying to do form based HTTP authentication. Form method is POST. I did wireshark (when connecting to server directly) and HTML form includes:
username
password
_token
submit
Username and password is OK. Submit is sent empty. The problem I have is with parameter _token. This parameter is taken from HTML response when entering the site: <meta name="csrf-token" content="MrMacUlmD6vlcdZsuVP8csCakwAwXXgqaDqaIO1Q">\n and sent back during the authentication.
My question is: how get the token variable to the POST? Using iRules? Or is there easier way of doing it?
thank you
4 Replies
there are two types of form based SSO (you are doing SSO right?)
you might want the client initiated one, there you wouldnt have to worry about the csrf-token issue
https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-sso-13-0-0/25.html
- PeterM
Nimbostratus
Hi, no, I used Access -> Authentication -> HTTP. But if SSO is better then I use it.
- Manideep
Nimbostratus
I got the same issue, any solution on this?
- Manideep
Nimbostratus
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com