Forum Discussion
Different auth type per path/user-agent/header?
Hi,
Is there a way to force different authentication methods for different paths under the same VS?
Or do the same, but per user-agent? Say SAML for Browsers, NTLM for everything else.
I can't see anything under the policy builder, so maybe irules can do it somehow?
(I don't want to use per-request policies, if possible)
Thanks
- PeteWhiteEmployee
APM has this in the VPE as a client side check ( client Type and Client OS ), or you can check the landing URI to do different auth for the different paths.
- Ricardo_DuarteAltostratus
VPE will not work for me.
I want to do something similar to what the "Exchange Profile" does: /activesync is basic ; /mapi is ntlm ; owa is web auth, etc.
But I can't match paths/urls on per-session requests... At least I cant find a way to do it.
- Ricardo_DuarteAltostratus
Would this be a good option?
- Create a Standard VS with the VIP
- Then create multiple Internal VS with the same pool servers but different APM policies
- Then route to the internal VS from the Standard VIP with iRules
- PeteWhiteEmployeeHi Ricardo, Yes, it would – or you can use the landing URI session variable within a policy.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com