Forum Discussion
jk_44172
Nimbostratus
NimbostratusPost Credentials to web site.
Hi All
I have a question to see if anyone knows to best way to post generic credentials to a website when it give a 401 error and prompts for Creds? The scenario is that we have a web site that uses AD authentication to allow access. I need to make that accessible to some users that dont have credentials to the website, So when the 401 comes in I need to pass some generic credentials to it. I have already talked to the APM guys and have been told they can't do it and that it might be done from an iRule.
Any Help on this would be greatly appreciated.
Thank,
JK
2 Replies
- Hi JK
You could do a "Variable Assign" in the APM policy and set the "sesion.logon.last.username" and the "session.logon.last.password" to equal a generic username and apssword.
Of course doing this in the main baranch of the policy would mean all users will now logon to the website with the generic credentials that you have forced on them.
To avoid that you would need to build some logic into the policy to only do the manual username/password assignemnt for a particular set of users. Maybe based off the subnet they are connecting from (or some other way to refine who gets the generic assignment of username/password)
Have a search on devcentral for session.logon.last.username - there are a few example of people doing manipulation and substitution of these variable to suit their needs.
There is also a solution that talks to doing a POST from credentials captured on a different web pag logon (not sure if this is relevant to your setup) https://devcentral.f5.com/wiki/APM.AcceptPostedCredsfromExternalSite.ashx
HTH 
jk_44172Thanks GbbAus
The variable Assign in the APM policy works like a champ the code is as follows
Add new entry
session.logon.last.username = expr {"userid"}
then add another new entry
session.logon.last.password = expr {"password"}
Replace the userid with the real users ID and also replace password with the password for the account.
