Forum Discussion

Nimbostratus

Sep 17, 2014

APM httpagent401 in clientless mode?

Hi out there I just ran into a problem - I need to issue a http401 from the APM to authenticate against a remote LDAP server - and since my client isn't a full-blown browser but a client build on MS ...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Sep 18, 2014

Session variable insertion isn't going to be automatic here. Only the 401 agent would do that. What you need to do is:

Respond with a 401 if the Authorization header does not exist.
If it does exist, but the MRHSession cookie does not, collect the payload and parse out the username and password from the Authorization header data and assign to temporary variables.

In the ACCESS_SESSION_STARTED event, grab those temporary values and insert into session variables. Example:

when ACCESS_SESSION_STARTED {        
    if { [info exists username] } {            
        ACCESS::session data set session.logon.last.username $username
    }
}

I don't have a chance to test this, but the logic should at least be close.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)