hello buddy
your application must surely push the indentifiants (POST) that's why you do not see them.
So to capture the POST DATA you have to collect data (HTTP::collect):
https://devcentral.f5.com/wiki/iRules.HTTP__collect.ashx
I write you an irule that allow you to capture POST DATA. As you can noticed I use a catch that allow us to avoid TCL error.
Suppose your content length header don't exist we will have an empty value which will cause a tcl error and the user will receive a reset.
that's why I also conditioned the capture only on the post method to be sure to have content in the query. I advise you to add an additional condition with Login page URI (URI Post credentials)
when HTTP_REQUEST {
set post 0
if { [catch {
set content_length [HTTP::header value Content-Length]
set post 1
HTTP::collect $content_length
if { $content_length > 0 && $content_length < 1048577 } {
set collect_length $content_length
} else {
set collect_length 1048576
}
} ] } {
log local0. "no content length - no data in post"
}
}
when HTTP_REQUEST_DATA {
if {$post} {
set postpayload [HTTP::payload]
log local0. "uid: $::uid - post payload: $postpayload"
HTTP::release
}
}
So once you had capture POST (Credential information), you have to retrieve username and password with an regex or other depending of data that you retrieve.
You can provide me data retrieve (by hiding the credentials of course) and I will give you the second part:
- regex to retrieve credentials.
- pass your Policy in clientless mode
- ...
Last point I don't test my irule, I wrote it on the fly. if it misses a {} or other i let your fix it.
So I'm waiting your feedback to go ahead,
Regards