LTM Client Authentication

Question

If i want users accessing VIP to be asked for user/password , Just simple pop up before they access the server
Can i do that with only LTM without APM ?&nbsp;

kevin_stewart · Answer

Certainly. At a bare minimum you can do this:
when HTTP_REQUEST {
    if { not ( [HTTP::header exists Authorization] ) } {
        HTTP::respond 401 WWW-Authenticate "Basic realm=\Secured Area\""
    }
}

This will display a Basic authentication dialog on first request. If you then want to actually validate what the user enters, then take a look at this post:
https://devcentral.f5.com/articles/http-basic-access-authentication-irule-style

sshssh_97332 · Answer

What if i want to Authenticate from External server ?&nbsp;

andrew_husking · Answer

Have you considered turning on auth on what ever the VIP is load balancing? Or look at APM&nbsp;

kevin_stewart · Answer

What if i want to Authenticate from External server ?&nbsp;

in this case, once you've collected the credentials, you'd need to post those somehow to your remote auth service. How you do that depends on what that remote auth service requires. Otherwise, as Andrew suggested, APM would be an excellent choice.&nbsp;

Forum Discussion

LTM Client Authentication

4 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

can you help with getting a BigIP virtual edition serial key

VIP in https that redirect to another vip in https

In Using the AST tool am I pointing it to TENANTS or to the F5OS(hardware) I have?

2026 is Almost Here

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Related Content

SSL Profiles Part 8: Client Authentication

Configuring APM Client Side NTLM Authentication

BIG-IQ Client Certificate (PKI) Authentication

Selective Client Cert Authentication

Client SSL Authentication on BIG-IP as in-depth as it can go

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS