Forum Discussion

jk_44172's avatar
Icon for Nimbostratus rankNimbostratus
Jun 06, 2012

Post Credentials to web site.

Hi All



I have a question to see if anyone knows to best way to post generic credentials to a website when it give a 401 error and prompts for Creds? The scenario is that we have a web site that uses AD authentication to allow access. I need to make that accessible to some users that dont have credentials to the website, So when the 401 comes in I need to pass some generic credentials to it. I have already talked to the APM guys and have been told they can't do it and that it might be done from an iRule.




Any Help on this would be greatly appreciated.












2 Replies

  • gbbaus_104974's avatar
    Historic F5 Account
    Hi JK



    You could do a "Variable Assign" in the APM policy and set the "sesion.logon.last.username" and the "session.logon.last.password" to equal a generic username and apssword.


    Of course doing this in the main baranch of the policy would mean all users will now logon to the website with the generic credentials that you have forced on them.



    To avoid that you would need to build some logic into the policy to only do the manual username/password assignemnt for a particular set of users. Maybe based off the subnet they are connecting from (or some other way to refine who gets the generic assignment of username/password)



    Have a search on devcentral for session.logon.last.username - there are a few example of people doing manipulation and substitution of these variable to suit their needs.



    There is also a solution that talks to doing a POST from credentials captured on a different web pag logon (not sure if this is relevant to your setup)






  • Thanks GbbAus



    The variable Assign in the APM policy works like a champ the code is as follows



    Add new entry



    session.logon.last.username = expr {"userid"}



    then add another new entry



    session.logon.last.password = expr {"password"}




    Replace the userid with the real users ID and also replace password with the password for the account.