Forum Discussion

Mathew's avatar
Mathew
Icon for Cirrus rankCirrus
May 22, 2019

HTTP Monitor with authentication

Hi How can we configure a http monitor with username and password.
application delivery
LTM
Andy_McGrath's avatar
Andy_McGrath
Icon for Cumulonimbus rankCumulonimbus
May 22, 2019

What authentication method is supported on the web server you are trying to monitor?

 

Basic Authentication and NTLM/NTLMv2 are supported methods under the HTTP and HTTPS Monitors.

 

For NTLM to work the web server needs to respond with a 401 response status with a WWW-Authenticate header set to NTLM when it tries to authenticate with Basic Authentication, which it will do first.

 

https://support.f5.com/csp/article/K2167

  • Mathew's avatar
    Mathew
    Icon for Cirrus rankCirrus
    May 22, 2019

    Basic Authentication only

    • Hamish's avatar
      Hamish
      Icon for Cirrocumulus rankCirrocumulus
      May 22, 2019

      Then it's likely that you forgot to tell the monitor what constitutes a valid response. Otherwise it takes the fact that the login failed to be evidence that the site is up.

    • Mathew's avatar
      Mathew
      Icon for Cirrus rankCirrus
      May 22, 2019

      is there any command to verify its actually trying to authenticate.

    • Andy_McGrath's avatar
      Andy_McGrath
      Icon for Cumulonimbus rankCumulonimbus
      May 22, 2019

      Curl is the best why to test, run one of the following from Bash:

      curl http://name:passwd@1.1.1.1/full/path/to/file -H "Host: host.domain.com"

      or 

      curl -u name:passwd http://1.1.1.1/full/path/to/file -H "Host: host.domain.com"

      Alternatively you can do a tcpdump and capture the actual requests and responses from the F5 monitor traffic.