Suppress MFA for a period of time

Problem this snippet solves: This code snippet can be used if you want to suppress MFA for a period of time. This solution uses an encrypted persistent cookie, that will be set at a successful MFA l...

Published Jul 16, 2019

Version 1.0

application delivery

BIG-IP Access Policy Manager (APM)

iRules

security

Niels_van_Sluis

MVP

Joined May 16, 2019

View Profile

Niels_van_Sluis

MVP

Joined May 16, 2019

View Profile

Slayer001

Cirrus

Jul 19, 2019

Hi Niels,

I tried this iRule in our setup but it seems the HTTP_RESPONSE event is not hit when going to just the APM webtop after completing the VPE policy? When setting logging in this event it never gets triggered. I don't see the cookie appearing in the list of cookies.

Tried with HTTP_RESPONSE_RELEASE but that's already triggered when sending the session cookies back to the client which is to early.

Is there any other event that could be used?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Suppress MFA for a period of time

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS