iRule auth http check

So there are two options, neither of which are for the novice.

 

 

Option 1, use an APM, It can do the forwading and the login page. Version 10.2.1 is ideal for this. You have 10 free APM licenses. You will have to setup an APM policy with what we call "HTTP auth". It is a bit involved and difficult to describe here but, Devcentral has a lot of information on the APM as well as some examples.

 

 

 

 

Option 2:

 

 

with an I-Rule, allow the request to get to the server un-authenticated. When the server refuses the connection, you capture that in the HTTP_RESPONSE event. Since you are in the HTTP_RESPONSE event, you can then use the HTTP::retry command. This re-run the HTTP Request as if it just came from the client only this time you have set a flag that says "go to the PHP script". The "node" is set to point to your PHP script and the Request is modified to suit the script. You also save the original request in a varialble. When the response from the PHP script comes back, again you would be in HTTP_RESPONSE, this time, you modify the original request so that it is accepted by the server, issue the HTTP::retry again using the modified original request. THis time you have the proper cookie or flag and you will be forwarded normally.

 

 

here is the HTTP::retry page, there are examples:

 

http://devcentral.f5.com/wiki/default.aspx/iRules/HTTP__retry.html

 

 

Also search devcentral for HTTP::retry, there are many examples.

 

HTH