Forum Discussion

Cirrus

Jul 07, 2016

Attempting to incorporate IRule basic auth with an access policy

Here is my scenario: Some webservice clients might hit a particular url. For the purpose of this question, lets say that is www.example.com/webserviceOne/one When they hit this, Basic Authenticat...

Cirrus

Jul 07, 2016

I solved my problem by using

when ACCESS_SESSION_STARTED

instead of

when HTTP_REQUEST

My IRule looks like this:

when ACCESS_SESSION_STARTED {

    if {[HTTP::username] eq "" || [HTTP::password] eq ""} {
        ACCESS::respond 401 WWW-Authenticate "Basic realm=\"EXAMPLE\""
        return
    } else {
        ACCESS::session data set "session.logon.last.username" [HTTP::username]
        ACCESS::session data set "session.logon.last.password" [HTTP::password]
    }

}

Recent Discussions

Disk space full - what files, folders are safe to delete?
Apr 27, 2024 rg-f5
ASM instance creation
Apr 27, 2024 Blue_whale
BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member
Apr 27, 2024 Cory_O
Open Redirection Mitigation
Apr 26, 2024 OM
F5Access | MacOS Sonoma
Apr 26, 2024 letakeda

Forum Discussion

Attempting to incorporate IRule basic auth with an access policy

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Detect and stop exfiltration attempts with F5 Distributed Cloud App Infrastructure Protection

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Overview of API Access Control and implementing API key access control with BIG-IP APM

API Security: How to implement API Access Control with F5

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator