OpenSECURE

KNOWLEDGE BASE

F5 - IRule APM 401 Basic auth

IRule to create a basic auth reponse for your APM policy


when HTTP_REQUEST {
        if { [HTTP::cookie exists "MRHSession"] } {
        set apmstatus [ACCESS::session exists -state_allow [HTTP::cookie value MRHSession]]}
        else {set apmstatus 0}

        if { !($apmstatus)} {
            if { [ string match -nocase {basic *} [HTTP::header Authorization] ] == 1 } {
                set usr [HTTP::username]
                set usr_nodomain [ lindex [split $usr "@"] 0]
                set pass [HTTP::password]
                log local0. "SEE: $usr : $usr_nodomain"
            } else {
                HTTP::respond 401 noserver WWW-Authenticate "Basic realm=\"[HTTP::host] Authentication\"" Set-Cookie "MRHSession=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/" Connection close
                return
            }
        }
}


when ACCESS_SESSION_STARTED {
            if { !($apmstatus)} {
              ACCESS::session data set "session.logon.last.username" $usr_nodomain
              ACCESS::session data set -secure "session.logon.last.password" $pass
              ACCESS::session data set "session.logon.last.domain" "domaintest.local"
      }
}
BACK