Forum Discussion

Karthik_Krishn1's avatar
Karthik_Krishn1
Icon for Cirrostratus rankCirrostratus
Apr 29, 2016
Solved

F5 External Logon Page

Hello,

 

Is it possible to create an APM policy such that it would present the user with an external logon page, collect credentials and then POST to the correct backend system. Consider an SAP system with three backend application servers (VIP's). the user may hit any one of them depending on what they have to do and when they do they need to be presented with an external logon page, collect credentials and POST to the system they just tried to access.

 

I know this is possible if each VIP had it's own access policy. However in our case the same access policy is applied across all three VIP's and I need a way to identify which system the user wants to use ( based on links they click from within the primary portal) and then present,collect and post the credentials to the appropriate backend system. Is there a way to identify based on destionation IP or FQDN ?

 

Thanks,

 

karthik

 

  • expr { [string tolower [mcget {session.server.network.name}]] == "server1.domain.com"} -- Branch 1

     

    expr { [string tolower [mcget {session.server.network.name}]] == "server2.domain.com"} -- Branch 2

     

    expr { [string tolower [mcget {session.server.network.name}]] == "server3.domain.com"} -- Branch 3

     

4 Replies

  • Depending on which language your external logon page is coded in you could use the referrer header to know where to send them back to after they type the credentials.

     

    -Seth

     

  • expr { [string tolower [mcget {session.server.network.name}]] == "server1.domain.com"} -- Branch 1

     

    expr { [string tolower [mcget {session.server.network.name}]] == "server2.domain.com"} -- Branch 2

     

    expr { [string tolower [mcget {session.server.network.name}]] == "server3.domain.com"} -- Branch 3