APM Policy workflow problem

Question

We build a absolute basic APM policy with a Logon Page, AD auth and SSO Credential Mapping.&nbsp;
Then i created a iRule Event directly after the Logon Page and I thought that this Event is called every time a user enters a username/password. The first time that is true but when the user enters a invalid username/password the iRule Event is not called again when the user enters the credentials the second or third time.&nbsp;
Is this a expected behavior and if yes is it possible to changed that? &nbsp;
Background is that we need to get information’s from the user prior to the AD auth to select the DC&nbsp;

amolari · Answer

try this: create a macro with the Logon Page+AD_Query+iRule-Agent, loop it the number of time you want the user to be asked for valid credentials until the Logon_deny. Then in the AD agent set the value "Max logon attemps allowed" to 1

amolari · Answer

you can loop the whole macro for X time. check Manual Chapter: Creating Access Profiles and Access Policies, section "To configure a macro to repeat in an access policy"&nbsp;

Forum Discussion

APM Policy workflow problem

2 Replies

Jürgen - February 2026 Featured Member

ICYMI - Steve Wozniak at AppWorld 2026

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 rSeries deployment and migration

Questions on Migrating configs from iSeries to RSeries F5s

AWS F5_OWASP Managed Rule Blocking requests

Add all rule labels to events in F5 Rules for AWS WAF - Web exploits OWASP Rules

F5 Local traffic Pool -> How does it track the availability of the members of the pool?

Related Content

Fine-Tuning F5 NGINX WAF Policy with Policy Lifecycle Manager and Security Dashboard

Streamlining Dev Workflows: A Lightweight Self-Service Solution for Bypassing Bot Defense Safely

LTM Policy

Getting Started with iRules LX, Part 2: Configuration & Workflow

Streamlining App Development: Unlocking Self-Service Workflows with F5 NGINX Instance Manager

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS