Forum Discussion

MVP

Apr 17, 2013

APM two factor authentication with one password field

I am wondering if it is possible to do two factor authentication (RSA + AD) based on HTTP authentication, so with only a username and password field available, so no third field. i was wondering abou...

BIG-IP Access Policy Manager (APM)

remote access

security

Michael_Koyfma1

Cirrus

Apr 17, 2013

Yes, you most certainly can do that. Keep in mind that currently all APM Auth functions assume/require that the value fo the password is set to session.logon.last.password variable. So, use iRules or Variable Assignment VPE action to save off original password, then extract token value, assign it to session.logon.last.password variable, run it through RSA Auth, then after successful RSA Auth set the AD password's value of the original field to session.logon.last.password, and run through AD Auth action.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)