NimbostratusI am working on a project as the requirement , the BIG IP APM would authentication and authorization. As per the policy, the user would do ldap authentication and ldap query , after ldap query the username and password should be sent back to client in http respond to the users for other application access.please help me in creating this access policy
CirrocumulusI'd advise a rethink. You shouldn't be sending back the password to the browser (Ye you can argue that it's no more insecure than sending it from the client in the first place, but I'd counter that with the fact the client already has it, so don't add to the complexity by sending it back). If your BigIP is doing the A&A I don't see why you think it should be.
And what's the LDAP query for? (Auth with LDAP typically doesn't use a query).
NimbostratusPlease suggest
CumulonimbusIf you want to respond with variable values in http content, you can use this irule
when ACCESS_ACL_ALLOWED {
ACCESS::respond 200 content "
Authenticated
You are authenticated successfuly :
Username : TMM[ACCESS::session data get "session.logon.last.username"]
Password : TMM[ACCESS::session data get -secure "session.logon.last.password"]
" noserver
}