Forum Discussion
Posterus_85681
Sep 30, 2015Nimbostratus
Hi Stan,
This is what i have done to get around the issues you mentioned above. It works, but i don't know if its the most efficient way to do it or if it can be improved. I can come back into the same access session by presenting a cookie (this is how i execute the OTP verification)
when HTTP_REQUEST { HTTP::header insert "clientless-mode" 1
set otp_generated [ACCESS::session data get "session.otp.assigned.val"]
set otp_to_verify [HTTP::header otp]
set otp_status "failed"
if { ($otp_to_verify) equals ($otp_generated) }
{ set otp_status "success" }
if { ([HTTP::header otpmode] equals "generate") }{}
if { ([HTTP::header otpmode] equals "verify") }
{ HTTP::respond 200 otp_status $otp_status Connection Close }
}
when ACCESS_SESSION_STARTED { ACCESS::session data set "session.custom.otpmode" [string trim [HTTP::header otpmode]] }
when ACCESS_POLICY_COMPLETED { ACCESS::respond 200 OTP [ACCESS::session data get "session.otp.assigned.val"] SID [ACCESS::session data get "session.user.sessionid"] Connection Close } }