Form Based SSO for Dynamically built HTTP forms
Published Oct 16, 2018
Version 1.0Was this article helpful?
Hi Yann, thanks for updating. I stumbled into another error. An user was using the ampersand character in the password. The solution in this case was to use
URI::encode
the password. The client was already sending the Content-Type: application/x-www-form-urlencoded
header, so there was no need to add this header. See the changes in the HTTP_REQUEST_DATA event below.
set password [URI::encode [ACCESS::session data get -secure session.sso.token.last.password]]
set newpayload [string map [list "f5-sso-token" $password] $payload]