One Time Passwords via an SMS Gateway with BIG-IP Access Policy Manager

One time passwords, or OTP, are used (as the name indicates) for a single session or transaction. The plus side is a more secure deployment, the downside is two-fold—first, most solutions involve a ...

Published Feb 08, 2011

Version 1.0

adn

automation

BIG-IP

BIG-IP Access Policy Manager (APM)

Admin

Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.

Admin

Nimbostratus

Nov 13, 2012

Hi AJ and zafer

Looks like the comment form malformed the code.

I just tried this code in 11.2.1


when ACCESS_POLICY_AGENT_EVENT {
expr srand([clock clicks])
set tmpKey [CRYPTO::keygen -alg random -len 128 -passphrase [AES::key 128] -rounds 2]
set otp [string toupper [string range [b64encode $tmpKey] 0 5]]
set mail [ACCESS::session data get "session.ad.last.attr.mail"]
set mobile [ACCESS::session data get "session.ad.last.attr.mobile"]
set logstring mail,$mail,otp,$otp,mobile,$mobile
ACCESS::session data set session.user.otp.pw $otp
ACCESS::session data set session.user.otp.mobile $mobile
ACCESS::session data set session.user.otp.username [ACCESS::session data get "session.logon.last.username"]
log local0.alert "Event [ACCESS::policy agent_id] Log $logstring"
}

One Time Passwords via an SMS Gateway with BIG-IP Access Policy Manager

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS