Caching XML or String

Question

Hi All&nbsp;
&nbsp;Before I decide on going for F5 I need to know if F5 can handle the following scenario and how ?&nbsp;
&nbsp;1. Scenario 1
&nbsp;-------------------&nbsp;
&nbsp;Say I have 2 users U1 and U2. U1 gets redirected to Server 1 and uses his login id and password to login. U2 gets redirected to Server 1 or Server 2 and IF HE USES THE SAME LOGIN and PASSWORD AS U1 can F5 be used to Stop it. If yes, then how ?&nbsp;
&nbsp;2. Scenario 2
&nbsp;--------------&nbsp;
&nbsp;We have a workflow system. Say an application has been created and needs approval and assume we have 2 users who has approval authority logged in. &nbsp;
&nbsp;Current implementation; When U1 opens the screen for approval we store the ID value and UserID in the cache (ASP.NET) and if U2 tries to open the same application we show a message saying - IT HAS BEEN OPENED BY ANOTHER AUTHROITY.&nbsp;
&nbsp;This is implemented and the application uses the same application space in IIS.&nbsp;&nbsp;
&nbsp;How can this be handled if F5 is setup and U2 is trying to open the application if he is on a different server in the farm ?

nicolas_menant · Answer

Hi,&nbsp;
&nbsp;Scenario 1:
&nbsp;---------------&nbsp;
&nbsp;Depending on how the credentials are passed it is possible: it is possible if you use authentication profile or if the login/password are sent through HTTP. 
&nbsp;In this case you can ask the BIGIP to log that this login/passwd has been used for this specific source IP. This way if another IP use those credentials you can block it. &nbsp;
&nbsp;You can store those data in the BIGIP memory through the session command: Click here&nbsp;
&nbsp;Scenario 2:
&nbsp;---------------&nbsp;
&nbsp;If i understood correctly what you want to achieve is that if a user access a specific application you don't want another user to be able to open it. What you can achieve is to identify when a user connect to this application (based on the URI accessed?) and store this information. Until this user access finished to access this application you can deny access to this application to any other user. &nbsp;
&nbsp;The tricky part would be to handle how to identify when the user leave the application. If he accessed a specific URI like http://mysite.com/logout.asp  then it's easy and we can even store a timeout for this entry in case the user close its browser. &nbsp;
&nbsp;So depending on some more detailed criterias (ex: do all the user come from the same Source IP address, etc...) the F5 should be able to do what you want to achieve.&nbsp;
&nbsp;I would advise to contact your F5 reseller he should be able to help you answer your request&nbsp;
&nbsp;HTH

renz_76579 · Answer

&nbsp;Thanks. That did help.

Forum Discussion

Caching XML or String

2 Replies

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Distributed caching of authentication requests with NGINX Ingress Controller

XML parsing by XML firewall

string first replacement procedure for ID999881

DNS Caching

3. SYN Cookie: SYN Cache