application-id
2 TopicsF5 CNF/SPK/BNK and etc. support for Custom URL classifications/apps/IPS signatures?
While I played with CNF/SPK/BNK and etc. I didn't see anything in the docks about this https://clouddocs.f5.com/cnfs/robin/latest/ I think it is important feature as if a URL is wrongly classified by Brightcloud DB to be able to add the url to custom URL category as for example to allow it. As shown in https://clouddocs.f5.com/cnfs/aon/latest/cnf-pe-url-categorization.html I think this is somewhere hidden as there is option called "customdb" , so maybe the downloader pod can be configured to pull the custom URL classification. As the irules for CNF do not support "HTTP_REQUEST" and "HTTP_RESPONSE" events as mentioned in https://clouddocs.f5.com/cnfs/openshift/latest/cnf-irule-crd.html this seems important. Outside of that Custom IPS signatures like for the normal AFM will be nice as there is IPS pod I think like the IP intelligence it could connect to external feed list that has the custom signatures (the same for the URL category) https://clouddocs.f5.com/cnfs/robin/latest/cnf-ipi-feedlist-crd.html For the custom apps that PEM uses with iRules ( https://techdocs.f5.com/en-us/bigip-14-1-0/big-ip-policy-enforcement-manager-implementations-14-1-0/creating-custom-classifications.html ) I am just mentioning this but I see less use cases than what I see with custom URL categories and custom IPS signatures. I did write to cnfdocs@f5.com as mentioned in the web documents. Hope they see it and as mentioned ""To provide feedback and help improve this document, please email us at cnfdocs@f5.com. "" 🙂10Views0likes0CommentsBIGIP OAUTH : Transmit "Application id" to backend server after a successful atuthentication
Hello @ all 🙂 I took over the management of a bigip (15.1.1) on which APM is configured, in particular to do OAUTH for partner applications. I'd like to know if it is possible to transmit used application id (from "Access ›› Federation : OAuth Authorization Server : Client Application " ) to backend server. Here is what I had understood about how it works (currently functionnal): External form, when "Authentication button" is clicked, redirect to a form hosted and managed with APM on our F5. An Access policy is used and when user is authenticated, the brower redirect to the external application using one of the defined url for the current Application ("Access ›› Federation : OAuth Authorization Server : Client Application " : Security settings/Redirect URL(s) ). Then, the next requests are authenticated. I'd like to know if it is possible (and how) add an information that could be transmitted to backend server to identify the used application. Little precision : we can't change the current behavior of the external app : it means that the solution should be on the BigIP. Thank you for your helpSolved1.6KViews0likes10Comments