Different auth type per path/user-agent/header?

Question

Hi,&nbsp;Is there a way to force different authentication methods for different paths under the same VS?Or do the same, but per user-agent? Say SAML for Browsers, NTLM for everything else.I can't see anything under the policy builder, so maybe irules can do it somehow?(I don't want to use per-request policies, if possible)&nbsp;Thanks&nbsp;

petewhite · Answer

APM has this in the VPE as a client side check ( client Type and Client OS ), or you can check the landing URI to do different auth for the different paths.

ricardo_duarte · Answer

VPE will not work for me.I want to do something similar to what the "Exchange Profile" does: /activesync is basic ; /mapi is ntlm ; owa is web auth, etc.But I can't match paths/urls on per-session requests... At least I cant find a way to do it.

ricardo_duarte · Answer

Would this be a good option?&nbsp;Create a Standard VS with the VIPThen create multiple Internal VS with the same pool servers but different APM policiesThen route to the internal VS from the Standard VIP with iRules&nbsp;

petewhite · Answer

Hi Ricardo,

Yes, it would – or you can use the landing URI session variable within a policy.

Forum Discussion

Different auth type per path/user-agent/header?

Recent Discussions

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

SSL bridging without SSL proxy forward

Related Content

Bolt-on Auth with NGINX Plus and F5 Distributed Cloud

Copper SFP Differences

different auth policies with different auth methods for different VIPs

HTTP auth - Calling external API with parameters

Testing for iControl auth errors

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS