Forum Discussion
CirrostratusAPM requirement
Hi, we are trying to configure external logon page for one requirement. External logon page will POST results to F5 APM and the flow of APM should be able to read these results and further flow based on the results. Example : if external logon page posts 1 then flow should move for AD authentication. If external logon posts 0 then authentication should end with deny. any help in achieving this would be great. Thanks
3 Replies
Faruk_AYDINAltostratus
I think you want to use two-factor authentication. One is external logon page result, the other is APM. APM uses AD for authentication. Am I right?
Nuruddin_Ahmed_Yes. External Auth page will post back the result in the form of true/false or 1/0 which apm needs to read and take decision.
Thanks.
- Faruk_AYDIN
use this iRule to check if external logon is successful. If not, user cannot continue and the session is removed:
hen HTTP_REQUEST { Check for post requests to the specific external logon URI if {[HTTP::uri] starts_with "/specific" && [HTTP::method] eq "POST"}{ Collect up to 1Mb of request content if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } { set content_length [HTTP::header "Content-Length"] } else { set content_length 1048576 } if { $content_length > 0 } { HTTP::collect $content_length } } } when HTTP_REQUEST_DATA { Parse the authenticated value from the collected payload set authenticated [URI::query "?[HTTP::payload]" authenticated] HTTP::release } when ACCESS_SESSION_STARTED { if { ![ info exists authenticated ] || authenticated == 0} { ACCESS::session remove } }
