Forum Discussion

Altocumulus

Sep 26, 2017

How can non-custom APM session variables be secured?

When reading data from LDAP, we have data other than passwords that is sensitive. The sensitive data can be moved to a [S] secure custom variable; however, the original values are unsecure and still can appear in APM logs, reports, etc.

How can APM session variables that are not custom (such as session.ldap.last.attrib.XXX) be made secure, similar to user entered passwords from a login box?

application delivery

BIG-IP Access Policy Manager (APM)

security

Stanislas_Piro2

Cumulonimbus

Sep 26, 2017

You can use a variable assign

session.ldap.last.attrib.XXX    
Secure    
expr {[mcget {session.ldap.last.attrib.XXX}]}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

How can non-custom APM session variables be secured?

Recent Discussions

Big IP DNS Failover

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

Related Content

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more

Securing Model Serving in Red Hat OpenShift AI (on ROSA) with F5 Distributed Cloud API Security

APM variable assign examples

F5 AI Gateway - Secure, Deliver and Optimize GenAI Apps

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS