I need to setup HTTP auth/NTLM authentication. Much appreciation in advance. The app is posting this and is receiving an unexpected response: [2019-06-13T14:22:40.607513 #78983] INFO -- reques...
I’m not sure the HTTP 401 response agent is able to work in conjunction with NTLM Auth Result. The negotiate branch is typically used for Kerberos authentication. You should follow this cookbook to implement NTLM auth:
That's where I started with this but not being confident of what the developer is sending, thought I would try to put some more in the VPE.
set back to just ntlm
Added some logging (splunk formatted)
when HTTP_REQUEST {
if { [ACCESS::session data get session.ntlm.last.result] eq 1 } {
ECA::disable
} else {
ECA::enable
ECA::select select_ntlm:/Common/DC2-LTM-NTLM
}
# Get Client request and browser information
set pol_client_browser [HTTP::header User-Agent]
set pol_http_host [HTTP::host]
set pol_http_uri [HTTP::uri]
set pol_http_header [HTTP::request]
log -noname local0. "pol_client_browser=\"$pol_client_browser\" --pol_http_host=\"$pol_http_host\" -- pol_http_uri=\"$pol_http_uri\" -- pol_http_header=\"$pol_http_header\""
}
With logging set on this now, I can see the header data. Looks like the app is trying to get/use a token from the application behind the big-ip with the URI /api/1/tokens