Forum Discussion

Cirrus

Dec 10, 2015

Check Authorization / WWW-Authenticate headers

Hi. I am trying to make sure that the user what is trying to/has authenticated to a site w/ Basic Auth matches a user in a list. However, I cannot force the server to prompt if the user/pass is not a...

application delivery

BIG-IP Access Policy Manager (APM)

iRules

Stanislas_Piro2

Cumulonimbus

Dec 11, 2015

Does this irule do what you want?

when HTTP_REQUEST {
    if {[catch {set username [HTTP::username] }]} { set username ""}
    if { ($username ne "") && ([lsearch $userlist $username] equals -1 )} { HTTP::respond 403 content "Access is Denied!" }   
}

when HTTP_RESPONSE {
  if { ([HTTP::status] eq "401") && !([HTTP::header WWW-Authenticate] contains "Basic") } { HTTP::respond 403 content "Access is Denied!" }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Check Authorization / WWW-Authenticate headers

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

JWT authorization with NGINX Ingress Controller

OWASP Tactical Access Defense Series: Broken Function Level Authorization (BFLA)

ASM irule to disable attack signature authorization header with specific value

iRule - Authorization Bearer / Basic

(HTTP) Redirection via Arbitrary Host Header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS