Forum Discussion
http monitor with credential
hi all,
after searching through, i can't seems to find something that is related to this. it points me to the sol guide but seems like i am still cant get the f5 health monitor to log in and get authenticated to get the 200 ok.
this is the send string that i send in the health monitor GET /WebOAS/OasCommon/Views/MainMenu.aspx?inst_code=SG HTTP/1.1\r\n \r\nConnection: Close\r\n\r\n
the return string 200 OK
this is the curl command and the output curl -Is --ntlm --user 'domain\username' : 'P@ssw0rd' http://10.236.176.26/WebOAS/OasCommon/Views/MainMenu.aspx?inst_code=SG
HTTP/1.1 401 Unauthorized Content-Length: 341 Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 WWW-Authenticate: NTLM TlRMTVNTUAACAAAABQAFADgAAAAGgokCON9RPQHP2RYAAAAAAAAAALgAuAA9AAAABgOAJQAAAA9TSFNFUwIACgBTAEgAUwBFAFMAAQAaAFMARwBIAE8AQQBTAFYAUABXAEUAQgAwADEABAAgAHMAaABzAGUAcwAuAHMAaABzAC4AYwBvAG0ALgBzAGcAAwA8AFMARwBIAE8AQQBTAFYAUABXAEUAQgAwADEALgBzAGgAcwBlAHMALgBzAGgAcwAuAGMAbwBtAC4AcwBnAAUAFABzAGgAcwAuAGMAbwBtAC4AcwBnAAcACABgPehc3SnSAQAAAAA= Date: Wed, 19 Oct 2016 07:49:47 GMT
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache,no-cache Content-Length: 1302 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/8.5 X-AspNet-Version: 2.0.50727 Set-Cookie: ASP.NET_SessionId=50ff5f45jrkz5eezs3oiyeq0; path=/; HttpOnly Persistent-Auth: true X-Powered-By: ASP.NET Date: Wed, 19 Oct 2016 07:49:51 GMT
when i tried a telnet 10.236.176.26 80 and issue the GET /WebOAS/OasCommon/Views/MainMenu.aspx?inst_code=SG
i received an unauthorised access. invalid credential.
am i doing something wrong??
2 Replies
- Jinshu
Cirrus
You will have two options to solve this issue i think.
-
You can use the existing http monitor (
GET /WebOAS/OasCommon/Views/MainMenu.aspx?inst_code=SG HTTP/1.1\r\n \r\nConnection: Close\r\n\r\n) and change the response code from 200 OK to 401. -
Use an external monitor to use
curl -Is --ntlm --user 'domain\username' : 'P@ssw0rd' http://10.236.176.26/WebOAS/OasCommon/Views/MainMenu.aspx?inst_code=SG as health monitor.
-Jinshu
-
- Andy_McGrath
Cumulonimbus
What TMOS version are you running?
11.1.0 - 11.3.0 has a bug sol13821: HTTP monitors may fail when NTLM authentication is required
I also agree with Jinshu's approach of using an external monitor and personally I use for almost all HTTP/HTTPS monitors that need NTML authentication.
The only thing I would say is watch your backend servers as you could end up with a lot of open authenticated sessions on the servers. If this is an issue write an external monitor that closes the authenticated session after performing its checks.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com