Forum Discussion

Nimbostratus

Jun 22, 2020

F5 ASM - Session and Login - Username and Password on different URLs

Hi All, I have application where username and password coming in two different URLs and when password is coming no username parameter is passed, seems application is storing username in cookie...

ASM Advanced WAF

security

youssef1

Cumulonimbus

Jun 22, 2020

Hi Abhisar,

to be honest i never had to do that, if I had to do it, I would do it the following way.

first of all i find a point in common between the 2 pages of authentificaiton.

I think you should have a session cookie or the CSRF token for example which should be similar to the 2 pages. you could perhaps confirm this point to us.

you could then set up a tab (you can use session tab or APM too) that records the session (username). and when you are redirected to (/user/authenticate.jsp) you would add the username parameter.

Do you understand the solution I offer you? if you need help to build the irule do not hesitate to ask me.

Keep me in touch.

regards

Abhisar
Nimbostratus
Jun 24, 2020
Hi Yousuf,

I would like to know more about "set up a tab" - you mean through iRule? I am not much familiar with iRules.

Forum Discussion

F5 ASM - Session and Login - Username and Password on different URLs

Recent Discussions

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Require username and password for virtual server

Unable to login on F5 GUI using default admin/admin username & password.

Password Safety & Security: Passwords vs. Passphrases

Ansible module to update BIG-IP root/admin passwords

Persist connection based on NTLM username