Add Outlook Web Access Login Options to the APM Logon Page

Outlook Web Access is the web interface to the Microsoft Exchange environment, and many customers have secured the portal behind their BIG-IP APM architecture. In looking at the OWA logon page, howev...
Published Apr 23, 2013
Version 1.0
BIG-IP Access Policy Manager (APM)
dev
events
news
security
tech tip
Lucas_Thompson_'s avatar
Lucas_Thompson_
Historic F5 Account
Jan 29, 2014
The other way to accomplish this is to simply add headers into the client request, in case you need to use HTTP authentication instead of Forms. Two headers "X-Experience" and "X-LogonType" control OWA's behavior:

 

 

X-Experience can be "premium" or "light".

 

X-LogonType can be "public" or "private".

 

 

This is the method that ISA server uses.

 

 

To append the headers, you can use something like the following on the APM vs:

 

 

when ACCESS_ACL_ALLOWED {

 

if { [ACCESS::session data get "session.somecustomvariableyoucansetintheaccesspolicy"] contains "somevalueyousetforlightmode" } {

 

HTTP::header replace "X-Experience" "light"

 

}

 

else {

 

HTTP::header replace "X-Experience" "premium"

 

}

 

}