F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

michael_61082's avatar
michael_61082
Icon for Nimbostratus rankNimbostratus
May 07, 2010

Single Sign On - Cookie + Basic Auth

I am currently using an ISAPI filter, basic authentication, and a cookie to achieve single sign on for a portfolio of web applications/servers. I'd like to be able to cut out the ISAPI filter for ea...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
May 11, 2010
Hi Michael,

 

 

That seems fairly reasonable to achieve in an iRule. I don't think it would be a simple iRule to start with though. If you want LTM to authenticate the client requests against an LDAP database, you'd need to get the Advanced Client Authentication module. You can check with an F5 salesperson or partner to find out how much that would cost (http://www.f5.com/howtobuy).

 

 

One small note: base64 encoding wouldn't encrypt or secure the username/password. If you want to store the user/pass in a reversible form in a cookie, you'd probably want to encrypt, base64 encode and then URL encode the values.

 

 

http://devcentral.f5.com/wiki/default.aspx/iRules/AES__encrypt.html

 

http://devcentral.f5.com/wiki/default.aspx/iRules/b64encode

 

http://devcentral.f5.com/wiki/default.aspx/iRules/uri__encode

 

 

Aaron