Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

customize logon page

Hi all - This post from 2014 is what I'm looking for an update for in v 11.5.

Is there a way to customize the logon page? It's the same use case as the linked article. We have a general logon page and a subsequent challenge response page. Are there options to customize both logon pages? Think of something along the lines of replacing the out-of-the-boxo F5 pages with something like Google's initial and 2FA logon pages.

We do not have a CMS to host the webpage on and are looking to host it locally on the F5. Not sure if this is technically possible but wanted to reach out to see if the F5 community could help. Thanks in advance!

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

This past summer we implemented F5 Access Policy Manager (APM) for our first project. One of the project goals was to have a consistent (as much as possible) user experience for logins using our existing authentication system and multi-factor authentication through our contracted service provider.

With the HTML / CSS / JavaScript templates from our front-end team we were able to integrate these into our Access Policy using the Advanced area under

  1. Access Policy
  2. Customization
  3. Advanced
  4. Access Profiles
  5. (your policy name)
  6. Access Policy
  7. Logon Pages
  8. (logon page macro name)

There was a good amount of trial and error, but we eventually achieved our goal of a 99% identical logon page look and feel for our users. It is important to note the recommendations of F5 to NOT change any of the existing CSS classes, but to create your own.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Thanks, Troy! Appreciate the response.

Question regarding your project: How many login steps do you require users to authenticate prior to accessing the resource? We are facing the issue when users are taken to the challenge response (two-step) page as the webpage does not render the challenge statement (ex.: enter OTP here xyz).

We were able to use the Advanced section to customize our initial login page but we're seeing that customization is moot and broken in light of the secondary step.

Have you done this as well?

0
Comments on this Answer
Comment made 12-Oct-2016 by Troy Murray 125

We have our password and MFA on the same page, although I've thought about separating them out, we haven't yet.

0
Comment made 12-Oct-2016 by han5rt8d 2

Interesting. Can I ask what you're using as the MFA platform?

Our AP requires a successful initial auth prior to taking the user to the MFA page. These are two separate webpages that the user pass through prior to accessing the resource.

Your implementation sounds like you have one webpage and has three fields for:

Username: ____________

Password: ______________

MFA code: ______________

If so, how does the system know which system (ex.: initial auth w/ AD; secondary w/ MFA system) to auth the user against?

0
Comment made 12-Oct-2016 by Troy Murray 125

I'm not comfortable listing our MFA solution on this public forum at this time. However I can share this, our authentication page looks similar to what you have above and you list two example auths, so I'll use those.

You could create a logon page that has all three fields. Upon submission the first macro could be your Active Directory authentication. If that Active Directory authentication macro is successful then that success branch could next be your MFA authentication macro. If that one is also success then the user could be presented the resources.

0