Forum Discussion

Joe_Dunn_46490's avatar
Icon for Nimbostratus rankNimbostratus
Nov 28, 2011

Insert Random Hash

Hi group



I'm wondering if anyone has any experience or direction on how one would do the following:




In an authentication scenario when a user is sending username/password for an iRule to pre-pend or append a string as a one time pad without the user's knowledge which would be used along with the username and password as authentication requirement.




Any pointers would be greatly appreciated.


5 Replies

  • Hamish's avatar
    Icon for Cirrocumulus rankCirrocumulus
    You mean to intercept the request and re-write the URI? That bit is easy... Does it HAVE to be the URI? Seems to me there's less likelyhood for leakage to the client (e.g. by getting a 404 back accidentally for some reason or other) if the string goes in a custom HTTP header (Also inserted by an iRule).



  • No not rewrite the URI, but modify the actual password field being transmitted to add the one time pad to the password field. Make it so the user does not know the full password to auth but does not need to know it either.
  • Hi John,



    Where is this password value located? [HTTP::uri], Custom Header Value, Postback Payload Data, etc?



    Also, are you trying to pre-pend or append a set string value (known value) or something random?
  • Hey Michael,



    User is talking to active sync server proxied by F5. F5 is ssl termination point. So the irule would intercept the connection modify the password by prepending/postpending and then relaying the connection on to the active sync server.



  • If that communication is using Basic Authentication (which I doubt) you could try using HTTP::password.



    If not then you are probably going to have to start looking for it in the Payload. I have never tried to do what you are attempting before so I cannot give any other guidance.