For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

lunitic_56137's avatar
lunitic_56137
Icon for Nimbostratus rankNimbostratus
Apr 20, 2017

Parsing the Token from the password field in Edge Client

We have a scenario where the F5 Custom Client is using the API call for "OpenSession( )" which only has two fields for credential mapping. Username and Password. We are also using a token and input...
application delivery
BIG-IP Access Policy Manager (APM)
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Apr 20, 2017

Hi,

is the password length 14 characters? do or the only fixed length is the token?

you can use the following

session.logon.last.ldappassword (secure)= 

set password [mcget -secure {session.logon.last.password}];
set tokenid [expr {[string length $password] -6 }];
set ldappassword [string range $password 0 $tokenid-1];
unset password tokens;
return $ldappassword;

session.logon.last.tokenpassword (secure)= 

set password [mcget -secure {session.logon.last.password}];
set tokenid [expr {[string length $password] -6 }];
set tokenpassword [string range $password $tokenid end];
unset password tokens;
return $tokenpassword;

Edit : I added semicolon at the end of each line. when editing expression, commands are set on one line.