Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

One of my Company Vendor application want to call My web service and want to authenticate the traffic in APM . How can i authenticate

One of My Vendor wants to call my web service in their application. No Manual interaction is involved . I provide them a personal certificate and service account with password. Now I want to authenticate the traffic coming from my vendors application and pass it to my web service . I am running 11.6 , so no oauth is possible . How can I authenticate the traffic in this situation. any help will be highly appreciated .

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

is this an API call?

yon can configure your client ssl profile to require client certificate and use clientless mode with an APM policy to validate the username/password provided.

Some examples and references here:

https://devcentral.f5.com/codeshare/apm-clientless-certificate-authentication-1108

https://devcentral.f5.com/questions/apm-clientless-mode-2-and-3-54908

https://devcentral.f5.com/questions/apm-clientless-mode

APM Operations Guide

0
Comments on this Answer
Comment made 27-Apr-2018 by SoumyaBasu 57

Yes , this is an API call .

the Web service is behind my F5 is WSDL.

so when they call the url, it looks like this

https:///xxxx/xxxx?wsdl

Thanks for the document links . I will try and let you know the results.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

As said you can configure :

  • client certificate authentication
  • Basic authentication ( via Authorization header)
  • XML or JSON based authentication by collecting content in request, parsing it, extracting username/password fields and then using ACCESS::policy evaluate command to run a APM policy and validate AD creds for example

Yann

0
Comments on this Answer
Comment made 27-Apr-2018 by Yann Desmarest 4489
0