Revocation Status in HTTP Request Header
I'm setting up a web app that will use the EDIPI to validate my user's accounts. I think I have a working udnerstanding of how that'll work--I'm going to be setting up a iRule to forward the users EDIPI to the server. (see here) It dawned on me that I'm not really sure how that process works with the revokation status. If their CAC is revoked will CLIENTSSL_HANDSHAKE or HTTP_REQUEST_RELEASE fire? I'm picturing still getting their EDIPI off the CAC and setting that in the header, but also getting their revocation status and putting a yes/no in the header for "x-revoked". I could easily then check that in my server code. I believe that's how that works with Cloud 1. Is that the way I'd do that, or would the best practice be to just not send their request at all somehow?Solved484Views0likes2Comments