Forum Discussion

Mike_Roe_60070's avatar
Mike_Roe_60070
Icon for Nimbostratus rankNimbostratus
May 16, 2012

Integrating APM SSO with an existing webapp login form.

I need to initiate a SSO session on the F5 by logging onto an existing websphere application that posts j_username and j_password to the standard j_security_check servlet. The existing app is the current intranet login form and I have followed these instructions to capture at least the username and password (with a little augmentation)

 

 

https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086453/Web-Application-Login-Integration-with-APM.aspx

 

 

The problem is that Im now trying to use that user/pass to get into another (JBOSS) webapp that uses basic auth and not trying to resource assign. additionally when I capture the username and password I cannot get it inserted into the access session as it has already been created when I access the login form rather than when I post to j_security_check. Any suggestions on how to proceed?

 

security

1 Reply

Sort By
  • Walter_Kacynski's avatar
    Walter_Kacynski
    Icon for Cirrostratus rankCirrostratus
    Aug 21, 2014

    I use this in an iRule to force an HTTP Authorization header to be sent to the backend server

    when ACCESS_ACL_ALLOWED {
    set user [ACCESS::session data get "session.sso.token.last.username"]
    set password [ACCESS::session data get "session.sso.custom.last.password"]
    set authorization [b64encode $user:$password]
    set headerLine "Basic $authorization"
    HTTP::header insert "Authorization" $headerLine
}