For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

maheshwar_56923's avatar
maheshwar_56923
Icon for Nimbostratus rankNimbostratus
Mar 15, 2009

Password Encryption on BIGIP

Hi,

 

 

I would appreciate if anyone can help me in find out solution to my requirement.

 

 

Requirement :

 

 

This is for Authentication.

 

 

1. User will provide user name and password and valid CSI via up2date client.

 

2. up2date client POSTs XML-RPC data over HTTPS

 

3. BIG-IP rewrites incoming XML-RPC POST request,encrypting password

 

4. Database decrypts password

 

 

 

Here my requirement is BIGIP should encrypt password and send it to DATABASE server. And DATABASE server will decrypt the password.

 

 

Any solution to this?

 

 

Regards
config
design

1 Reply

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Mar 16, 2009
    Hello,

     

     

    You can encrypt arbitrary HTTP (or decrypted HTTPS) data using LTM. You can do this using the AES::encrypt function (Click here). You can replace a string in the request payload using a stream profile and STREAM::expression based iRule. You can check the STREAM::expression wiki page for details (Click here). Note that if you want to replace request content, you would want to enable the stream filter in the HTTP_REQUEST event.

     

     

    Aaron