How to pass credentials via scripts

Question

Hello,&nbsp;
We recently rolled out f5 APM in front of our public facing websites.  We have several clients that use bots or scripts (.NET c code, actually) to "web scrape" data from our HTML pages.&nbsp;
Is there a way to set-up APM so that they can pass credentials with their requests and have them authenticated, without having to be presented a manual login page?&nbsp;
Thanks
-Mike&nbsp;

stewart · Answer

Hi Mike, &nbsp;
You don't have to have a login page to use APM.&nbsp;
One idea would be to use a client certificate check when your clients access your public facing websites.  If they have a client certificate, that you issue, they get through and can scrape away.&nbsp;
Stewart.&nbsp;

matt_dierick · Answer

Yes you can from 11.4. You can use an irule to create a Access Session based on uri or something else. You can retrieve the credential in the header for instance and create the session. Irule commands are ACCESS::session create and ACCESS::policy evaluate.

Forum Discussion

How to pass credentials via scripts

2 Replies

Recent Discussions

[ASM] - what is "Browser Challange file" ?

Rewrite uri translation not working

no available managed rule groups for Israel il-central-1

About shun list for L7 DDoS?

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

Related Content

Passing Arguments to iCall Scripts

OWASP Automated Threats - Credential Stuffing (OAT-008)

Leaked Credential Check with Advanced WAF

Creating a Credential in F5 Distributed Cloud for Azure

XC - azure cloud Credentials issues