Forum Discussion

Cirrostratus

Nov 20, 2014

Passing HTTP Authorization header thru APM

I have some legacy, API type, clients that supply an HTTP Authorization header as part of their initial request. In this manner, the server does not reply with a 401 since the header is offered per-...

BIG-IP Access Policy Manager (APM)

design

security

Arnaud_Lemaire

Employee

Nov 21, 2014

yes but with a small irule. you need to add a specific headed which will tell the apm module that the session is not interactive.

 when HTTP_REQUEST {
HTTP::header insert "clientless-mode" 1
}

in this case the APM will not redirect the user, but you will have by yourself in the irule to look for authentication information, decode it and assign it to APM variable. this can be done by adding a irule event aggent in the VPE, and set the session.logon.last.username and pasword in the irule event.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)