For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MDPF52_180608's avatar
MDPF52_180608
Icon for Nimbostratus rankNimbostratus
Sep 03, 2015

problem with HTTP auth (APM)

Hello,   I tried to configure the HTTP Auth object on the APM Access Policy. There is some strange issue that I am not able to identify.   I tried to make the POST request from an HTTP request ...
Michael__'s avatar
Michael__
Icon for Nimbostratus rankNimbostratus
Sep 04, 2015

Hi,

Lets see if i got the problem right 🙂

Sounds to me as the 302 returned by the APM is the redirect to /my.policy which is the normal behavior with apm. To suppress the redirects from APM you could use "clientless-mode"

when HTTP_REQUEST {

      enable the clientless-mode so that users will not follow 302 used by APM
     HTTP::header replace "clientless-mode" 1
}

maybe this helps to solve your issue.

Regards

Micha

MDPF52_180608's avatar
MDPF52_180608
Icon for Nimbostratus rankNimbostratus
Sep 04, 2015
Thank you Michael! I will try to explain better...so: The HTTP POST is the request that is sent by the HTTP Auth object in the APM Policy, the request that the BIG-IP sends to the Web Server. Currently, I am trying to figure if there is some HTTP header that is required from the Web Server in order to accept the POST request but at the moment the situation is the following: HTTP Requester client - POST Request OK (Elements: 1. Content-Type Header: application/x-www-form-urlencoded 2. Custom apm header : %apmvariable) 3. Body with data) Can you suggest me something? Thanks in advance, Regards.