For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Doffie's avatar
Doffie
Icon for Nimbostratus rankNimbostratus
Apr 26, 2017

iRule to query SQL for Auth and attributes

Hi All We are in a situation where we as a company have a lot of customer portals and would like to use the F5 to consolidate the logins. Using the LTM we would like to have a default login page and ...
application delivery
iRules
LTM
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Apr 26, 2017

Hi,

the authentication module in BigIP is APM. but APM does not support SQL authentication.

I already had this kind of request from a customer and I solved it with an internal web service converting HTTP request to SQL requests (this web service is not hosted by F5)

  • On a internal web server with SQL connection, create a web service with
    • Basic authentication client side
    • authenticate users against SQL
    • insert in a cookie containing portal information
  • On APM, create a Access Policy with HTTP Authentication on internal web service
    • after authentication, parse cookie with expression 
      expr { [lindex [regexp -inline {Portal=([^;\\\r]*)} [mcget session.http.last.response_cookie]] 1] }
    • redirect user to this url.