Forum Discussion

Nuruddin_Ahmed_'s avatar
Nuruddin_Ahmed_
Icon for Cirrostratus rankCirrostratus
Jan 11, 2017

APM requirement

Hi, we are trying to configure external logon page for one requirement. External logon page will POST results to F5 APM and the flow of APM should be able to read these results and further flow based on the results. Example : if external logon page posts 1 then flow should move for AD authentication. If external logon posts 0 then authentication should end with deny. any help in achieving this would be great. Thanks

 

3 Replies

  • I think you want to use two-factor authentication. One is external logon page result, the other is APM. APM uses AD for authentication. Am I right?

     

  • Yes. External Auth page will post back the result in the form of true/false or 1/0 which apm needs to read and take decision.

     

    Thanks.

     

  • use this iRule to check if external logon is successful. If not, user cannot continue and the session is removed:

    hen HTTP_REQUEST {
     Check for post requests to the specific external logon URI
    if {[HTTP::uri] starts_with "/specific" && [HTTP::method] eq "POST"}{
    
     Collect up to 1Mb of request content
    if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {
    set content_length [HTTP::header "Content-Length"]
    } else {
    set content_length 1048576
    }
    if { $content_length > 0 } {
     HTTP::collect $content_length
    }
    }
    }
    
    when HTTP_REQUEST_DATA {
     Parse the authenticated value from the collected payload
    set authenticated [URI::query "?[HTTP::payload]" authenticated]
    HTTP::release
    }
    
    when ACCESS_SESSION_STARTED {
    if { ![ info exists authenticated ] || authenticated == 0} {
    ACCESS::session remove
    }
    }