Forum Discussion
hector_40668
Nimbostratus
Dec 17, 2010F5 replace string from "http" to "https" in jar files
Hi,
I am very new to F5 and I hope you guys here can help me out on this.
Recently we encounter some problems with files that are going thru the F5. It seems like when the client downl...
Tao_Liu_90341
Apr 07, 2005Historic F5 Account
I assume you trying to use a cookie to bypass authentication. In this manner, cookie should be set in HTTP_RESPONSE, so client will get it, otherwise HTTP server just would throw it away.
Here is a sample rule you can take a look. It is in database. Certainly, you can have it done in your own style.
when CLIENT_ACCEPTED {
set authinsck 0
set forceauth 1
set ckname BIGXAUTH
set ckpass 1xxx5678
set ckvalue [IP::client_addr]
set ckdomain .y.z
set asid [AUTH::start pam default_radius]
}
when HTTP_REQUEST {
if {[HTTP::cookie exists $ckname]} {
HTTP::cookie decrypt $ckname $ckpass 128
if {[HTTP::cookie value $ckname] eq $ckvalue} {
set forceauth 0
}
HTTP::cookie remove $ckname
}
if {$forceauth eq 1} {
AUTH::username_credential $asid [HTTP::username]
AUTH::password_credential $asid [HTTP::password]
AUTH::authenticate $asid
HTTP::collect
}
}
when HTTP_RESPONSE {
if {$authinsck eq 1} {
HTTP::cookie insert name $ckname value $ckvalue path / domain $ckdomain
HTTP::cookie secure $ckname enable
HTTP::cookie encrypt $ckname $ckpass 128
}
}
when AUTH_SUCCESS {
if {$asid eq [AUTH::last_event_session_id]} {
set authinsck 1
HTTP::release
}
}
when AUTH_FAILURE {
if {$asid eq [AUTH::last_event_session_id]} {
HTTP::respond 401 "WWW-Authenticate" "Basic realm=\"\""
}
}
when AUTH_WANTCREDENTIAL {
if {$asid eq [AUTH::last_event_session_id]} {
HTTP::respond 401 "WWW-Authenticate" "Basic realm=\"\""
}
}
when AUTH_ERROR {
if {$asid eq [AUTH::last_event_session_id]} {
HTTP::respond 401
}
}