Forum Discussion
8 Replies
Sort By
- hooleylistCirrostratusHi Roman,
- Roman_80473NimbostratusHi Aaron,
- You could easily encode or encrypt them within your local file system but it will be up to your iControl application to take the encoded/encrypted values and decode/decrypt them before passing them on to the LTM. The authentication occurs with the HTTP connection on each iControl method call. The LTM needs to be able to authenticate each request so you'll have to pass them in a format that the webserver can understand. which means you'll have to work with some form of clear-text credentials on the client. Make sense?
- hooleylistCirrostratusThat does make sense. It would be specific to your clientside platform. iControl just accepts cleartext credentials.
- Roman_80473NimbostratusHi Joe,
- Roman_80473NimbostratusHi Aaron,
- Carl_BrothersEmployeeIs there a way to do similar functions with powershell? Many people have a requirement that they cannot store a credential in clear text when the data is at rest.
Thanks,
CarlB
- Carl, as I mentioned before, iControl works just like the BIG-IP GUI. It supplies it's credentials with the WWW-Authenticated header over an SSL connection. On the client side, you have full control of how you want to manage your credentials. You can store them in plain text in the script, you could encrypt/decrypt them from somewhere on disk (although the caller of the script would need to have the key to decrypt them - or the script would), or you could use a 3rd party service to authenticate the user and then return the BIG-IP creds to your script. But ultimately the will have to be in some form of clear text before passing them on the BIG-IP.