Suppress MFA for a period of time

Problem this snippet solves: This code snippet can be used if you want to suppress MFA for a period of time. This solution uses an encrypted persistent cookie, that will be set at a successful MFA l...

Published Jul 16, 2019

Version 1.0

application delivery

BIG-IP Access Policy Manager (APM)

iRules

security

Niels_van_Sluis

MVP

Joined May 15, 2019

View Profile

Niels_van_Sluis

MVP

Mar 28, 2021

I just tested the original iRule as shared with the community and it seems to be working fine in 14.1.4. One thing I notice in your version is that you removed the conditional 'set cookie' from the HTTP_RESPONSE part. The original version only sets a cookie when an user has successfully performed the MFA. Your version sets the cookie every time the HTTP_RESPONSE is being triggered. This doesn't seem right to me.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Suppress MFA for a period of time

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS