Forum Discussion
cgallimore_1748
Nimbostratus
NimbostratusSend 401 response instead of redirecting to /vdesk/hangup.php3 page if credentials are invalid
I currently have an LTM-APM access policy setup to prompt the user for credentials, complete an AD auth and send them on to the backend server that hosts an api. I do have clientless-mode enabled via an iRule on the virtual server.
Our scenario is as follows: User has an app on their device that will save credentials to be passed with the request for data from our API/Restful site. If the user's password expires the api site should respond back with a 401 response in which case the app will then prompt for the users username/password again, but the APM redirects them to /vdesk/hangup.php3.
Does anyone have any suggestions on what to try here to get the 401 response if the credentials are incorrect?
Current policy
Thanks in advance.
You can have AD Auth -> fallback go to iRule event which then triggers an irule
https://devcentral.f5.com/wiki/iRules.ACCESS_POLICY_AGENT_EVENT.ashx
in the irule you can send a 401 and remove the access session.
Stanislas_Piro2Cumulonimbus
Hi,
You can use this irule replying with 401 instead redirecting to /vdesk/hangup.php3
when ACCESS_POLICY_COMPLETED { if { [ACCESS::policy result] equals "deny" } { ACCESS::respond 401 noserver WWW-Authenticate "Basic realm=\"Basic Authentication"" Connection close ACCESS::session remove return } }
