Forum Discussion
CirrostratusPassing HTTP Authorization header thru APM
I have some legacy, API type, clients that supply an HTTP Authorization header as part of their initial request. In this manner, the server does not reply with a 401 since the header is offered per-emptivly.
Is there a way to capture this information and perform an SSO against a backend application without sending a client redirect to /my.policy?
3 Replies
Arnaud_LemaireEmployee
yes but with a small irule. you need to add a specific headed which will tell the apm module that the session is not interactive.
when HTTP_REQUEST { HTTP::header insert "clientless-mode" 1 }in this case the APM will not redirect the user, but you will have by yourself in the irule to look for authentication information, decode it and assign it to APM variable. this can be done by adding a irule event aggent in the VPE, and set the session.logon.last.username and pasword in the irule event.
- Walter_Kacynski
Perfect, I will try this out. I wonder why this header is mentioned no where in the product documentation.
- Walter_Kacynski
This is a helpful answer now that I know about this option:
https://devcentral.f5.com/questions/apm-clientless-mode
