One Time Passwords via an SMS Gateway with BIG-IP Access Policy Manager
One-time passwords, or OTPs, are used (as the name indicates) for a single session or transaction. The plus side is a more secure deployment; the downside is two-fold: first, most solutions involve a ...
Published Feb 08, 2011
Version 1.0
JRahm
Admin
Joined January 20, 2005
Kristoffer_O_52
Nov 13, 2012
Nimbostratus
Hi AJ and zafer
Looks like the comment form malformed the code.
I just tried this code in 11.2.1
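when ACCESS_POLICY_AGENT_EVENT {
    # Seed Tcl's rand(); the OTP below is derived from CRYPTO::keygen output instead
    expr {srand([clock clicks])}
    # Generate a random 128-bit key; the OTP is its first six Base64 characters, upper-cased
    set tmpKey [CRYPTO::keygen -alg random -len 128 -passphrase [AES::key 128] -rounds 2]
    set otp [string toupper [string range [b64encode $tmpKey] 0 5]]
    # Mail address and mobile number come from the AD query attributes
    set mail [ACCESS::session data get "session.ad.last.attr.mail"]
    set mobile [ACCESS::session data get "session.ad.last.attr.mobile"]
    set logstring "mail,$mail,otp,$otp,mobile,$mobile"
    # Store the OTP, mobile number and username as session variables
    ACCESS::session data set session.user.otp.pw $otp
    ACCESS::session data set session.user.otp.mobile $mobile
    ACCESS::session data set session.user.otp.username [ACCESS::session data get "session.logon.last.username"]
    # Note: this writes the OTP itself to the log in clear text
    log local0.alert "Event [ACCESS::policy agent_id] Log $logstring"
}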
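
Added example, not part of the comment above or of the original article: a Python model of the OTP derivation in the posted iRule (first six Base64 characters of a random key, upper-cased), showing the alphabet and entropy that derivation produces. It assumes the key bytes are uniformly random; `derive_otp` and `otp_stats` are names made up for this example.

```python
import base64
import math
import secrets
from collections import Counter

# Standard Base64 alphabet, as produced by b64encode
B64_ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789+/"
)


def derive_otp(key: bytes, length: int = 6) -> str:
    """Mirror of: string toupper [string range [b64encode $key] 0 5]."""
    return base64.b64encode(key).decode("ascii")[:length].upper()


def otp_stats(length: int = 6) -> dict:
    """Exact per-character distribution of the OTP.

    Assumption: key bytes are uniform, so every Base64 symbol in the
    prefix is equally likely (1/64) and the characters are independent.
    """
    # Upper-casing folds a-z onto A-Z, so each letter is twice as likely
    # as a digit, '+' or '/'.
    folded = Counter(ch.upper() for ch in B64_ALPHABET)
    probs = {ch: n / 64 for ch, n in folded.items()}
    per_char = -sum(p * math.log2(p) for p in probs.values())
    return {
        "symbols": len(probs),
        # Characters a user may have trouble reading or typing from an SMS
        "non_alnum": sorted(ch for ch in probs if not ch.isalnum()),
        "bits_per_char": per_char,
        "bits_total": per_char * length,
        "bits_uniform_base64": 6 * length,
    }


if __name__ == "__main__":
    key = secrets.token_bytes(16)  # constructed sample key, 128 bits
    print(derive_otp(key))
    for name, value in otp_stats().items():
        print(f"{name}: {value}")
```

The figures show that upper-casing costs a little under one bit per character compared with the raw Base64 prefix, and that `+` and `/` can appear in the code sent to the user.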