Is it possible to authenticate HTTP traffic in an iRule against the 'tmsh list auth user' user database?

Question

Is it possible to authenticate HTTP traffic in an iRule against the 'tmsh list auth user' user database?&nbsp;
I have a requirement to authenticate users but the client does not want a separate data-group of users to manage and off-box authentication is not an option.  They have existing mechanisms for password control of the standard F5 admin passwords and would like to keep using that for authenticating web traffic.  The users would have a 'No Access' role so they cannot use the F5 GUI or SSH.&nbsp;
Any advice appreciated.  Thanks!&nbsp;
Dave.&nbsp;

boneyard · Answer

im not 100% sure, but i don't believe this is possible. never seen anything, also not APM, which would make some sense to interact with the admin user db.

petewhite · Answer

Yes, it can be done with APM - https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/13.html?sr=45894627&nbsp;

Forum Discussion

Is it possible to authenticate HTTP traffic in an iRule against the 'tmsh list auth user' user database?

2 Replies

Recent Discussions

Failed to convert character dclid=%EDclid!

ASM - Parent policy vs OWASPcompliance

Rewrite uri translation not working

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

APM OCSP Responder Issues

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Edge to Pulse: IP Geolocation Database Migration

Doing mTLS Authentication per URL

Distributed caching of authentication requests with NGINX Ingress Controller

Is f5 bigip asm policies(ip geolocation) database associated with Geoip database or ip intelligence?