Jacob_Miller_61
Jan 04, 2005

Client Server PKI and BEA Weblogic

OK,

First, please excuse the "off topic" nature of this post. I'm running out of places to ask this question.

Second, a little background:

BigIP v4.6.2

Pool of one BEA 8.1 server listening on port 443

1 VIP 127.0.0.3 listening on port 443 passing to pool of BEA 8.1

1 SSL Proxy that requests the user's certificate and establishes an SSL connection to the BEA Pool (ServerSSL)

SSL Proxy passes ALL SSLVariables via the HTTP HEADERS

BEA is listening for a user certificate; if there is no user certificate it will prompt for login.

The situation:

BigIP and the Proxy successfully request the user cert. The user cert and other SSL based variables are encoded on the HTTP HEADERS and sent on to BEA. BEA gets the HTTP headers. The developer can see the headers and they verify that the headers are displaying the correct user cert, but apparently the BEA framework doesn't like SSL VARS in the HTTP headers. So the BEA authorizer can't pull the DN and compare it to the LDAP DB for authorization.

The question:

Has this been done before?

Since F5 and BEA have a relationship, is this a reasonable request?

Am I missing something?

A little more info:

This "site" cannot do a qkview or share its logs or its configuration. We are working on a "test" site that would be able to share all that stuff.

If there is a better place for this message, please let me know where.

TIA,

Jake
  • No problem with the off-topic post.

    You might want to take a look at the BEA Section (http://www.f5.com/solutions/applications/appServers/bea_sb.html) in the Solution Center on www.f5.com. If that doesn't help you out then I'd suggest you contact F5 Tech Support directly. Not to be passing the buck, but this is a developer forum for building iRules and iControl apps. You will get much better support for deployment issues via our Product Tech Support staff.

    -Joe