I've setup an Http auth server that gives back a response which includes auth status and application rights
the response looks like an XML file
app1;app2,app3
status
...
Are you connecting to the http auth server via a sideband irule? Or external login page?
With a sideband irule, it's as easy as using "ACCESS::session data set".