I am trying to modify the existing post for LDAP-only authentication. It will be used in a dual auth rule with SSL. I would like to see what the results are for this instead of the sys auth ldap I am currently using. I am having problems with the modified rule included below. The BIG-IP will not contact the LDAP server until I click stop in the browser toolbar. Could somebody tell me what I have done incorrectly?

    when CLIENT_ACCEPTED {
        # Per-connection flag: set to 1 once LDAP auth has succeeded
        set ldap_authed 0
    }
    when HTTP_REQUEST {
        # Credentials from the HTTP Basic Authorization header
        set username [HTTP::username]
        set password [HTTP::password]
        # Start an auth session against the default_ldap PAM configuration
        set asid_ldap [AUTH::start pam default_ldap]
        AUTH::username_credential $asid_ldap $username
        AUTH::password_credential $asid_ldap $password
        AUTH::authenticate $asid_ldap
        # Hold the request until an AUTH_* event fires
        HTTP::collect
    }
    when AUTH_SUCCESS {
        # Only act on events that belong to the LDAP auth session
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            set ldap_authed 1
        }
        if {$ldap_authed == 1} {
            # Let the held request continue
            HTTP::release
        }
    }
    when AUTH_FAILURE {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            HTTP::respond 401
        }
    }
    when AUTH_WANTCREDENTIAL {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            HTTP::respond 401
        }
    }
    when AUTH_ERROR {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            HTTP::respond 401
        }
    }

Thank you for your help,
Rob