Forum Discussion

Jim_22175's avatar
Jim_22175
Icon for Nimbostratus rankNimbostratus
Feb 26, 2008

BigIP using redirection for Securid authentication

I'm trying to get a BigIP to work with a Securid agent (via IIS web page) to authenticate users before proxying them to a protected web server. When the client connects to the vip on the bigip, the default pool directs them to the IIS server running securid auth. The bigip watches the responses displayed by the server. If the user enters correct credentials, the bigip detects this, sets a cookie to say the user is authorised, and forwards their session to the real web server. If the user doesnt get an "authentication successful" page back (ie they get denied, or pin reset, or next token code) then the F5 will keep them directed to the securid page.

 

 

I can set up an irule to direct the user to the real website once authenticated. But i'm not sure how to parse the users traffic for "authentication successful" or how to set cookies accordingly.
config
design
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Feb 26, 2008
    Hi,

     

     

    There are a few similar rules in the Codeshare and iRules forum:

     

     

    Client Auth Using Http Cookie

     

    http://devcentral.f5.com/wiki/default.aspx/iRules/ClientAuthUsingHttpCookie.html

     

     

    Conditioning iRule Logic on External Information - 1 - HTTP::retry

     

    http://devcentral.f5.com/Default.aspx?tabid=63&articleType=ArticleView&articleId=105

     

     

    Aaron