JSON Web Signature (JWS) verification

Question

Hi. Can LTM/ASM verify JSON Web Signatures (included as X-JWS-SIGNATURE in http header) against the payload?  
&nbsp;

samstep · Answer

X-JWS-SIGNATURE is not supported in ASM at the moment, it can be achieved by developing an iRule though if you have such a requirement. &nbsp;
Don't forget that ASM automatically adds a layer of digitally signed cookies kind of addressing the same problem for any traffic:&nbsp;
https://support.f5.com/csp/article/K6850&nbsp;
Hope this helps,&nbsp;
Sam&nbsp;

Forum Discussion

JSON Web Signature (JWS) verification

1 Reply

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

SSL Bridging verification

Support of WAF Signature Staging in F5 Distributed Cloud (XC)

BoT Defense Profile, Signature Enforcement

Google Authenticator Token Verification iRule For APM

Mitigating JSON-based SQL injection with BIG-IP ASM / Advanced WAF Attack Signatures