Forum Discussion
ddubya_152376
Nimbostratus
Nimbostratusf5 Access Policy Manager AJAX vs Non-Ajax Request Handling with Authentication
I'm implementing a Single Page Application (Javascript/AJAX Based) leveraging the f5 as the Identity Provider and Service Provider for Single-Sign-On. The Web app sits behind the f5 in Apache, and th...
ddubya_152376Nimbostratus
NimbostratusI just found this in the docs: https://devcentral.f5.com/wiki/iRules.ACCESS__session.ashx
when HTTP_REQUEST {
set apm_cookie [HTTP::cookie value MRHSession]
if { $apm_cookie != "" && ! [ACCESS::session exists $apm_cookie] } {
HTTP::respond 401 WWW-Authenticate "Basic realm=\"www.example.com\""
return
}
}
It looks like it's specifically checking every HTTP Request and if the session is not active it will respond with a 401 Unauthorized Response. I think this is what I'm looking for.
