Forum Discussion
Erich_Rockman_1
Dec 10, 2015Cirrus
Check Authorization / WWW-Authenticate headers
Hi. I am trying to make sure that the user what is trying to/has authenticated to a site w/ Basic Auth matches a user in a list. However, I cannot force the server to prompt if the user/pass is not a...
Erich_Rockman_1
Dec 11, 2015Cirrus
It's not an error. I am returning the Access is Denied to the client in an HTTP::respond. The Authorization header is sent with the request and the WWW-Authenticate header is sent in the response. I am not looking to overwrite/replace the server response, I am looking to check that the user that is successfully authenticated by the server matches a username in a list that I provide. It seems like I cannot do both.
- Kai_WilkeDec 11, 2015MVPHi Erich, I dont understand why you want the validity check happen "after" the user has already logged in to your server? In my opinion, its far more effective to check already on HTTP_REQUEST if the username is whitelisted and depending on your desired action to "ask for credentials" or simply send a "access denied message" if an unknown or no username was submitted. In addition a HTTP_RESPONSE filter could be implemented to check if the authentication was denied for the already whitelisted username. The check could then supress/change/manipulate the response if needed to either become a "ask again for credentials" (aka. 401) or "access denied message" (aka. 403) response. Please describe your needs and the intention behind as best as possible. It will allow us to help you without assuming things. Thanks! Cheers, Kai
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects