For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Yaoxie_117356's avatar
Yaoxie_117356
Icon for Nimbostratus rankNimbostratus
Aug 09, 2016

how do I initiate a http request to backend pool member when client pass APM authentication

Hi folk,   Here is the background, initially client send out a request and F5 send back HTTP 200 on behalf of server, F5 then perform the RSA authentication, so far there is no packet sent to back...
application delivery
BIG-IP Access Policy Manager (APM)
Yaoxie_117356's avatar
Yaoxie_117356
Icon for Nimbostratus rankNimbostratus
Aug 11, 2016

Hi Lucas, thanks for your reply.

 

My initial question has been fixed now

 

My second question is sometimes there is HTTP request generated by some script which ignore the MRH session cookie (assuming browser had already passed APM policy) and result in 302, in this scenario, except for disable ACCESS:SESSION, what's the other way around?

 

  • Lucas_Thompson_'s avatar
    Lucas_Thompson_
    Historic F5 Account
    Aug 11, 2016

    You have to be able to somehow either associate the new request with the old session (you could insert the session cookie in an irule after it had been stored in a subtable from some other irule operation)

     

    Or just start up a new session in clientless-mode if you have HTTP authorization data.