Forum Discussion

Ryan_Lamore_804's avatar
Ryan_Lamore_804
Icon for Nimbostratus rankNimbostratus
Aug 13, 2013

Authenticated Sessions at the HTTP level for the iControl API (HTTP Headers?)

We're using i-Control-11.2's Interfaces object and doing some serious pounding of the system. BigIp has no trouble handling the load; however, we're going through a third party authentication/author...
authentication
devops
http headers
iControl
management
security
George_Watkins_'s avatar
George_Watkins_
Historic F5 Account
Aug 16, 2013

I believe the method you are looking for is called setMaintainSession. It is located on the Axis BindingStub objects. Setting it to true will perform the first authentication using HTTP basic auth, then will insert the BigIPAuthCookie (returned in the first response) in subsequent requests. The auth cookie should be checked before HTTP basic auth is attempted. Here is my test code, which is based upon the iControl JAR available on DevCentral (I also had to add the axis and axis-jaxrpc JARs to my CLASSPATH):

 

import iControl.*;

public class AuthCookieTest {
    public static void main(String[] args) {
        iControl.Interfaces bigip = new iControl.Interfaces();
        bigip.initialize("test-ltm-01", "admin", "admin");
        
        try {
            SystemSystemInfoBindingStub systemInfoStub = bigip.getSystemSystemInfo();
            systemInfoStub.setMaintainSession(true);
            systemInfoStub.get_version();
            systemInfoStub.get_version();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}

That should cut down on the TACACS chattiness as only the first call will require a TACACS query for authentication. Let me know if that does the trick.