Forum Discussion
Login Banner
Hello.I've been tasked to create a login banner that will pop up when an external user hits my LTM and goes to any of my virtual servers. It's supposed to consist of a short message explaining that use of the system constitutes consent to monitoring and should have one button (yes/ok etc.) and the small x in the corner that would allow them to cancel out of the pop up (ideally this should close their connection or send them to an errorpage.) I believe this is possible with an iRule, but I have no experience with TCL. I would greatly appreciate any suggestions and help that anyone has to offer. Thanks in advance.
- hooleylistCirrostratusHi Javern,
- Member_9894Nimbostratus
We are using HTTPS. I'll check out those threads, thank you.
- Reiss_79688Nimbostratus
Hello,
I'm working with Member 9894 on this project.
What we are attempting to accomplish is present our users with a banner that says 'you are accessing our servers; you consent to monitoring, blah blah blah' and have them click on the 'OK' button to access the content.
Here's our basic setup...
multiple VS accessed via https...using PKI/CAC for client authentication.
using Big IP LTM v9.3.0
We would like to have Big IP serve the 'banner' page prior to the users being authenticated for any of our VSs.
I have attempted to use a 'HTTP::respond 200 content [subst $::html_data]'. I can get the page (basic html with embedded css) to be served but when clicking on the 'OK' button I'm not sure what happens at that point.
Any help would be appreciated.
I can post iRule scripting if needed; let me know.
- hooleylistCirrostratusIt should be relatively simple to implement a Javascript injection in responses. I think the trick is to figure out what code you want to inject and under which circumstances. For example, if this was the HTML for your index page:
My test index page This is the rest of the HTML in the body...
My test index page This is the rest of the HTML in the body...
- Reiss_79688Nimbostratus
Thanks Aaron. Very good info. I was heading down those lines, but how do I get the iRule to capture the button click on my html page delivered to the user?
I Agree
Also, the only way that I can see (with my limited knowledge of the Big IP traffic flow sequence and when the events are called) to do it is to have the iRule set a variable or cookie in the same conditional statement as the HTTP::respond. By doing this, though, the user won't actually have to click the 'I Agree' button to have the cookie or variable be set, instead, all they would have to do is visit the page. I would much rather know that they clicked the 'I Agree' button.
Here is some of the iRule:
when CLIENT_ACCEPTED { set consent_monitor "NotAgree" log local0. "CLIENT_ACCEPTED" } when HTTP_REQUEST { if { $consent_monitor == "NotAgree" } { log local0. "Client has not agreed to monitoring. Sending consent page..." set origUrl "[HTTP::host][HTTP::uri]" log local0. "original URL = $origUrl" HTTP::respond 200 content [subst $::html_data] set consent_monitor "Agree" } }
- Reiss_79688Nimbostratussorry about the format of my last post...i seem to be having trouble with the "code" section.
- hooleylistCirrostratusHi Reiss,
- Al_3585Nimbostratus
Reiss were you ever able to complete your login banner project? We have a similar need and would like to use it if you got it working. Trying not to "re-invent the wheel". Thx!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com