smilanko_261688
Jul 07, 2016Cirrus
Clientless mode failing to interact with AD
Scenario:
I have a webserice that is being called by some clients. When they hit a webservice, they should enter in a username / password combo for basic authentication. Those credentials should be taken by the APM, and processed in active directory. Here is an image of the flow:
Per this conversation, I am creating this IRule to promt for username/password credentials and allow the APM to perform work.
when HTTP_REQUEST {
set apmsessionid [HTTP::cookie value MRHSession]
if { [HTTP::cookie exists "MRHSession"] } {set apmstatus [ACCESS::session exists -state_allow $apmsessionid]} else {set apmstatus 0}
if {!($apmstatus)} {
Insert Clientless-mode header to start APM in clientless mode
if { [catch {HTTP::header insert "clientless-mode" 1} ] } {log local0. "[IP::client_addr]:[TCP::client_port] : TCL error on HTTP header insert clientless-mode : URL : [HTTP::host][HTTP::path] - Headers : [HTTP::request]"}
}
}
when ACCESS_POLICY_COMPLETED {
Authentication request for non bowser user-agent session denied
if { ([ACCESS::policy result] equals "deny") } {
ACCESS::respond 401 noserver WWW-Authenticate "Basic realm=\"My Web Services Authentication\"" Connection close
ACCESS::session remove
return
}
}
However, following that post and using that code, always leads me to the Deny portion. If I use the original solution here, I am able to authenticate successfully.
Am I missing something to add?