Forum Discussion

Nimbostratus

Aug 25, 2015

Rewrite header "WWW-Authenticate: Basic realm="

I have a VS with a LDAP authentication profile. Because it is an app communicating with backend we want to surpress the authentication pop-ups the browser gives you when you hit a 401. We were thinki...

Employee

Aug 25, 2015

You can certainly rewrite an HTTP response header, but I'm curious how this would work if you changed the header value to Xbasic. When a server sends a 401 WWW-Authenticate response, it can send a value of Basic, Negotiate, NTLM, or Digest. These are generally the only "integrated" authentication methods that a browser will understand. In other words, upon receiving an "xbasic" authentication response, a browser is very likely going to simply fail. If, however, you're using the BIG-IP to authenticate to the server in another way, or the BIG-IP is sending the credentials on the user's behalf and you don't want the client to see the 401 response, you could simply drop these responses.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Rewrite header "WWW-Authenticate: Basic realm="

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

irule to replace Realm value for http response header WWW-Authenticate: Basic realm="IP address"

Rewriting Redirects

Rewriting iRules...LIVE!

Simple iRulesLX JSON rewrite

Rewrite Subdomain

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS