removing authorization header for LDAP

Question

Hi All, 
&nbsp;  
&nbsp; I have looked at some iRule examples that show show to remove the authorization http header but have some hard time making it to work. 
&nbsp;  
&nbsp; Basically, I have http traffic that needs to be authenticated using LDAP. But I want to remove the authorization http header on the server side. When the LDAP authentication is successful, the users are allowed to see the data. 
&nbsp;  
&nbsp; I tried "request header erase" on the http profile but it erases it even before the user gets authenticated. 
&nbsp;  
&nbsp; Also, I found the following irule in the forum but this also erases the authorization information from the header before the authentication. 
&nbsp;  
&nbsp; when HTTP_REQUEST priority 501 {  
&nbsp;  Remove the Authorization header after the system authorization iRule runs (at priority 500)  
&nbsp; if {[HTTP::header exists Authorization]} {  
&nbsp; [serverside {HTTP::header remove Authorization}]}  
&nbsp; }  
&nbsp;  
&nbsp; Any ideas? 
&nbsp;  
&nbsp; Meena 
&nbsp;  
&nbsp;

colin_walker_12 · Answer

I think what you're looking for is the AUTH_SUCCESS event.  You could set a variable in this event, then in the HTTP_RESPONSE event you could use the HTTP::header remove command if the variable is set, showing that an AUTH_SUCCESS event occured. This way you could remove the header on the server side, but only if the login worked. 
&nbsp;  
&nbsp; Sound about right? 
&nbsp;  
&nbsp; Colin

Forum Discussion

removing authorization header for LDAP

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

iRule to Remove Duplicate Header by Value

Remove X- Headers From Web Server Response

Remove the "Server" header

Resolve Citrix Secure Ticket Authority (STA)

ASM irule to disable attack signature authorization header with specific value

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS