Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Token based ACL in header

Ashu_Aggarwal
Cirrus
Cirrus

Is it possible to configure below on LTMs?

Implement token based ACL in header (which web server/LB checks before allowing access to websites). This token needs to be valid for a very short time and should automatically expire after say 7 days, this blocking access to ACC (unless renewed for another testing). The client’s needs to send this secret token in HTTP header to be able to access this website.

 

Thanks

1 REPLY 1

boneyard
MVP
MVP

sure, shouldn't be that hard. BIG-IP can check the header for sure. it can check if the token is allowed in table and once it is used start a timer.

 

main thing is how to determine which tokens are valid and how the users get them. if you want to automate that things become more tricky, but it probably can be build.