Forum Discussion

Doffie's avatar
Doffie
Icon for Nimbostratus rankNimbostratus
Apr 26, 2017

iRule to query SQL for Auth and attributes

Hi All We are in a situation where we as a company have a lot of customer portals and would like to use the F5 to consolidate the logins. Using the LTM we would like to have a default login page and ...
application delivery
iRules
LTM
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Apr 26, 2017

Hi,

the authentication module in BigIP is APM. but APM does not support SQL authentication.

I already had this kind of request from a customer and I solved it with an internal web service converting HTTP request to SQL requests (this web service is not hosted by F5)

  • On a internal web server with SQL connection, create a web service with
    • Basic authentication client side
    • authenticate users against SQL
    • insert in a cookie containing portal information
  • On APM, create a Access Policy with HTTP Authentication on internal web service
    • after authentication, parse cookie with expression 
      expr { [lindex [regexp -inline {Portal=([^;\\\r]*)} [mcget session.http.last.response_cookie]] 1] }
    • redirect user to this url.