For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Squeak's avatar
Squeak
Icon for Cirrus rankCirrus
Oct 06, 2021

Send cookie to client after authenticated by APM

Hi,   I´ve a scenario that requires that the APM sends a cookie back to the client after the user has been authenticated by the APM but before the user "hits" the backend server.   Normally I...
application delivery
BIG-IP Access Policy Manager (APM)
iRules
kgaigl's avatar
kgaigl
Icon for Cirrocumulus rankCirrocumulus
Oct 18, 2021

we've an IRule like this:

when ACCESS_ACL_ALLOWED {
   set user [ACCESS::session data get "session.logon.last.username"]
}
when HTTP_REQUEST_RELEASE {
               HTTP::header insert "X-Forwarded-User" $user
}
when HTTP_RESPONSE_RELEASE {
    log local0. "[HTTP::status] [HTTP::header "Location"]"
}

so maybe you can change this to your needs, for example instead of "header insert" "cookie insert"

Squeak's avatar
Squeak
Icon for Cirrus rankCirrus
Oct 18, 2021

Hi kgaigl and thank you for your reply.

I want the APM to send back a cookie after the client are authenticated but before the client reaches the backend server, so I can´t use 

when HTTP_RESPONSE_RELEASE

or 

when HTTP_RESPONSE

Any more ideas?

//Mikael