Block access to apps by browser. Allow only iPhone or Android accesss
Customer has an application that they want access only through the mobile device app. They have recently found that the application can be accessed through any browser. We have configured the following iRule but it is not working: when HTTP_REQUEST { if { ([HTTP::header User-Agent] contains "iphone") or ([HTTP::header User-Agent] contains "Android") } { HTTP::redirecthttp://www.oursite.com} if { ([HTTP::header User-Agent] contains "(IE|Mozilla|Safari|Chrome|Opera)") } { drop } } Any ideas how to achieve this? Thanks
Iphone error using APM SAML
Greeting all, I’ve federated with Office 365, I used an iApp () to accomplish it. It works as expected for internal and external clients, except for iPhones (current version of iOS). The iApp was modified to allow for Kerberos SSO internally. Externally it uses HTTP basic. I opened a case with F5 support and we did some packet captures to see what the clients were posting to the SAML IdP. With an Android, the pcap looks like this: The above pcap includes an Authorization header. The iPhone request is different, and does not include that header: According to F5 Support, since the Authorization Header is missing from the POST on the iphone, the APM throws a redirect and the client barfs on that. The fallout of that is that client displays an invalid nonce error like this: F5 Support believes this is a bug in the iOS, I guess that wouldn’t be the first time! Has anyone come across this issue using the APM as an IdP for Office 365 as the SP and iPhone clients? Thanks for any suggestions you have. Cheers, Mike
Certificate based SSO from an iPhone for Exchange with APM
I need some help getting started. Here is my problem. When users Active Directory passwords expire, their accounts will often get locked out because their iPhone continues to access the account with the old password. I'd like to start deploying certs to my corporate iPhone users with our Boxtone MDM solution. Then I think I can use APM to authenticate the iPhone to AD and Exchange 2010 with the cert. Does thin make sense? Is there a writeup on how to build this?
