Forum Discussion
Rosieodonell_16
Cirrus
CirrusTrying to mimic the webmail private and public computer settings using an irule
Found this article online:
https://devcentral.f5.com/articles/add-outlook-web-access-login-options-to-the-apm-logon-page
However it seems to only work with Basic forms and I am using an NTL...
If you're not using forms in OWA, you have to access those options by inserting some special headers. This is the same thing that Forefront/TMG/whatever does when it does Forms Auth --> HTTP Auth. Like you're doing with APM.
Two headers "X-Experience" and "X-LogonType" control it:
X-Experience can be "premium" or "light". X-LogonType can be "public" or "private".
To append the headers, you'd set a custom (whatever you want) session variable during Access Policy execution, then you can use something like this on the APM vs:
when ACCESS_ACL_ALLOWED {
if { [ACCESS::session data get "session.somecustomvariableyoucansetintheaccesspolicy"] contains "somevalueyousetforlightmode" } {
HTTP::header replace "X-Experience" "light"
}
else {
HTTP::header replace "X-Experience" "premium"
}
}
- Kai_Wilke
MVP
Hi Lucas, the outlined code to mimic the "X-Experience" functionality of Forefront TMGs is not complete/correct. The valid "X-Experience" header values are "Premium" or "Basic". In addition a Forefront TMG changes the User-Agent-header value to a non-MSIE browser if Light-Mode is selected. The Public/Private-Mode setting of Forefront TMGs has beside of the "X-LogonType"-Headers some additional server-side (aka. TMG) and also client-side (aka. Browser) functionality. Basically it enables two independent TMG-Login-Cookie profiles to controll the Max-Session-Lifetime/Max-Session-Timeout and also enables persistent cookies for the private mode (e.g. required for SharePoint Browser/Office SSO Scenarios). In addition the Private-Mode stores the last-entered username string into a client-side generated cookie to autofill the username for subsequent logons. Cheers, Kai
