Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

API Endpoint on LTM

Mick
Altocumulus
Altocumulus

‎15-Sep-2021 22:27

Hi

 

I'm trying to come up with a solution to meet the following flow/requirement:

 

  1. LTM presents a VIP that is an API endpoint for a web server
  2. Client requests authentication using json body, e.g. https://1.2.3.4:443/api/auth  -H 'Content-Type = application/json'  -d '{ "username": "testuser", "password": "testpwd", "clientContext": 1 }'
  3. APM does LDAP authorization on behalf of the web server using the username and password in the body
  4. Once authorized, F5 provides token/cookie to client for further API calls.

 

I have tried various combinations of solutions but cannot find a way to do this simply. Looked at API endpoint protection, APM policies, iRules, can't seem to get this simple use case working...

 

Thanks

Mick

Labels:
0 Kudos
2 REPLIES 2

Daniel_Wolf
Nacreous
Nacreous

‎17-Sep-2021 01:00 - last edited on ‎24-Mar-2022 01:27 by Fog

Hi ,

 

I think you could use iRulesLX to parse the JSON body, set username and password as APM session variables, do LDAP Auth and then F5 sends the APM session cookie to the client.

 

KR

Daniel 

0 Kudos

Mick
Altocumulus
Altocumulus

‎26-Sep-2021 14:46

thanks I ended up getting this working with an irule

0 Kudos
Copyright © 2023 Khoros, LLC