BigIP using redirection for Securid authentication

Question

I'm trying to get a BigIP to work with a Securid agent (via IIS web page) to authenticate users before proxying them to a protected web server.  When the client connects to the vip on the bigip, the default pool directs them to the IIS server running securid auth. The bigip watches the responses displayed by the server. If the user enters correct credentials, the bigip detects this, sets a cookie to say the user is authorised, and forwards their session to the real web server.  If the user doesnt get an "authentication successful" page back (ie they get denied, or pin reset, or next token code) then the F5 will keep them directed to the securid page.&nbsp;
&nbsp;I can set up an irule to direct the user to the real website once authenticated. But i'm not sure how to parse the users traffic for "authentication successful" or how to set cookies accordingly.

hooleylist · Answer

Hi,&nbsp;
&nbsp;There are a few similar rules in the Codeshare and iRules forum:&nbsp;
&nbsp;Client Auth Using Http Cookie
&nbsp;http://devcentral.f5.com/wiki/default.aspx/iRules/ClientAuthUsingHttpCookie.html&nbsp;
&nbsp;Conditioning iRule Logic on External Information - 1 - HTTP::retry
&nbsp;http://devcentral.f5.com/Default.aspx?tabid=63&amp;articleType=ArticleView&amp;articleId=105&nbsp;
&nbsp;Aaron

Forum Discussion

BigIP using redirection for Securid authentication

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Related Content

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

Application Programming Interface (API) Authentication types simplified

Distributed caching of authentication requests with NGINX Ingress Controller

iControl REST Authentication Token Management