For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Khalid_A's avatar
Khalid_A
Icon for Nimbostratus rankNimbostratus
Mar 05, 2018

Creating JWS session tables

Hi,   We're implementing API authentication/authorization based on JWT. The API and authorization server are all behind F5. We've been asked just to store the JWS sent back from the authorization ...
application delivery
BIG-IP Access Policy Manager (APM)
LTM
Khalid_A's avatar
Khalid_A
Icon for Nimbostratus rankNimbostratus
Mar 06, 2018

Hi Jason,

 

Thanks for the info. I'm not an advanced iRules user. Maybe I'm wrong, but I'm missing the following:-

 

  • What value is taken for the $internal_key variable? In the case of our implementation, it will be the payload portion of a JWT

     

  • How will the &ext_key variable be derived?

     

  • In HTTP_REQUEST, there is a table lookup, but how is the match done against the value of the external key in the header itself?

     

Thanks