For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jase_40648's avatar
jase_40648
Icon for Nimbostratus rankNimbostratus
May 12, 2009

Custom Certificate Checks

Hello. We are trying to do some custom checks for a protected configuration. Specifically, we want to verify that not only did the client give a valid certificate, but that their email address in th...
BIG-IP Access Policy Manager (APM)
remote access
security
Mike_Ho's avatar
Mike_Ho
Icon for Cirrus rankCirrus
May 15, 2009
Hi Jase,

 

 

One thing you can do, outside the scope of a pre-logon inspection, is to create an advanced session variable ( Users -> Session Variables -> Add New Session Variable) to pull out a substring of an existing session variable. Then use your advanced session variable in a protected configuration using a "custom check". Then apply your protected configuration to your master group or set of resources.

 

 

To my knowledge there is no comparison operator or function similar to substr() or the SQL LIKE operator that you can use in a pre-logon inspection rule. If you find one be sure to let us know!