Forum Discussion

Nimbostratus

Jan 10, 2014

Security issue using two different authentication methods with the same ntlm domain (SSO)

Hello fellows, I have run across a security issue with two web servers using the same ntlm domain for authentication (APM) on our F5 BIGIP Version 11.4.1. ServerA contains critical informat...

BIG-IP Access Policy Manager (APM)

Nimbostratus

Mar 06, 2014

So, getting physical... I would need some help setting up an irule, as I am a miserable programmer...

The steps of the script would be:

detect that there is a request from an existing session

verify that

session.securid.last.state

has the value

SECURID_AUTH_STATE_ACCESS_ACCEPTED

if yes: let it pass on
if no: redirect to apm logon page

This irule would be attached to the virtual server with the securid requirement.

Anybody a draft for a script that I can start from? O:-)

Regards, Alexander

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Security issue using two different authentication methods with the same ntlm domain (SSO)

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Mitigation of OWASP API Security Risk: Broken Authentication using F5 XC Platform

Auditing Security Policy Updates

Minimizing Security Complexity: Managing Distributed WAF Policies

Get Started with WAAP Security Incidents

My Security+ Certification Journey

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS