Token based ACL in header

Question

Is it possible to configure below on LTMs?

Implement token based ACL in header (which web server/LB checks before allowing access to websites). This token needs to be valid for a very short time and should automatically expire after say 7 days, this blocking access to ACC (unless renewed for another testing). The client’s needs to send this secret token in HTTP header to be able to access this website.

Thanks

boneyard · Answer

sure, shouldn't be that hard. BIG-IP can check the header for sure. it can check if the token is allowed in table and once it is used start a timer.

main thing is how to determine which tokens are valid and how the users get them. if you want to automate that things become more tricky, but it probably can be build.

Forum Discussion

Token based ACL in header

1 Reply

Recent Discussions

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Related Content

Demystifying iControl REST Part 6: Token-Based Authentication

iControl REST Authentication Token Management

Bot Signature based on the referer header

set TOKEN [getfield [HTTP::uri]

api token timeout change