Example passing information to a application from APM
I guess this is more of a request for a how would I question then anything and hopefully example articles or blogs exist already.
What I would like to understand is after authenticating someone via APM how do I pass like the user information to the application, basically very very simple sso.
So maybe a some simple helloworld webcode that goes hello 'username' and maybe as a second step ignoring https what would be the correct way to encrypt that info maybe as a cookie?
And a little more advanced how you would do this with a simple app with username + password boxes so the APM would prefill the login with the info it already has ie sso.
Thanks in advance
Hi Ravager,
Your question inspired me to do some testing with passing APM session variables into sessionStorage. First I created an iRule to add the APM session variable into the sessionStorage of the webbrowser. And a simple webpage to query the browsers sessionStorage.
iRule:
when ACCESS_POLICY_COMPLETED { set username [ACCESS::session data get session.logon.last.username] set html "<!DOCTYPE html>" append html "<body onload=\"location.reload()\"></body><script lang=\"javascript\">" append html "if (typeof(Storage) !== \"undefined\") \{" append html "sessionStorage.setItem(\"username\", \"$username\");" append html "\}</script></html>" ACCESS::respond 200 content $html }
HTML to put on the webserver:
<!DOCTYPE html> <html> <body> <div id="result"></div> <script> if (typeof(Storage) !== "undefined") { document.getElementById("result").innerHTML = "Username: " + sessionStorage.getItem("username"); } else { document.getElementById("result").innerHTML = "Sorry, your browser does not support Web Storage..."; } </script> </body> </html>
Here you can see the username is put into the browsers sessionStorage.
Like always with the F5 BIG-IP, there is more than one way to do it. For example, you could also use HTTP Headers to pass information from APM to the web application. See:
K74392192: How to insert APM Variables in backend headers to the application server