Hi Reldar,
So the resulting request to the LTM virtual server would be a POST containing a parameter with the key?
Would you want to check every request to the virtual server to see if it is a POST with a key? Or would you only check requests to a specific URI?
How would you want to determine if a key was valid?
Would you want to use an LTM cookie to track that a user had presented a valid key at the beginning of their session and then not look for the key on subsequent requests with the cookie?
In concept, you can collect the HTTP request payload in the HTTP_REQUEST even using HTTP::collect. In the HTTP_REQUEST_DATA event you could check the payload using HTTP::payload. But I would be leery of trying to do this collection for every request to the virtual server as it could use a lot of memory and add latency to the traffic.
Here are a few related articles:
http://devcentral.f5.com/wiki/iRules.http.ashx
http://devcentral.f5.com/wiki/iRules.http_request.ashx
http://devcentral.f5.com/wiki/iRules.http_request_data.ashx
http://devcentral.f5.com/wiki/iRules.http__collect.ashx
http://devcentral.f5.com/wiki/iRules.http__payload.ashx
Aaron