Custom authentication

Hello,

 

 

We are in need of creating a custom authentication rule that does the following:

 

 

If no sessionID exists, redirect to our central authentication website (which sets the sessionID cookie along with inserting into the central auth DB the sessionID generated along with the clientIP)

 

 

I have created an iRule to do this and all works well except there is no validating that the sessionID is still vaild. Our central web authentication service has an interface that we usually call from a in-house developed apache module loaded on each web server or running a perl script that connects to the central auth server when needed.

 

 

The apache module or perl script just passes the sessionID and clientIP and returns a yes or no response if the session is still valid. If the session is no longer valid we redirect back to the central auth page

 

 

Is there a way I can do this through iRules by creating a custom pam module with the functionality I'm looking for and accessing it through AUTH or are there other options?

 

 

Thanks in advance!

 

Jim