For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

navgup_66025's avatar
navgup_66025
Icon for Nimbostratus rankNimbostratus
Aug 08, 2013

Auth_Status and Persist

1) I have PoolK and PoolF and default pool has to be PoolK   2) first client request always go to PoolK   3) Check if client has been authenticated to PoolK using Auth_status command, if YES pe...
application delivery
dev
devops
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Aug 12, 2013

Is "/nad" just an arbitrary client side trigger URI? Non-existent on the server side? If so, then yes, by all means rewrite it. It does seem odd that the Authorization header just goes away after the first request after the 401, but I guess that's just how it's designed. In any case, you still need to focus on some sort of persistence value. The "PD-S-SESSION-ID-PROD2" cookie does get set in the 401, so unless that can get set any time BEFORE a user accesses the auth path, it's still probably a good thing to check on each request. Worst case, as I mentioned before, just set a new cookie on the 401 response and track that in the request.