Forum Discussion

Anthony_Reddy_2's avatar
Anthony_Reddy_2
Icon for Nimbostratus rankNimbostratus
Jun 24, 2016

How to hardcode or custome the Logon pages in BIG-IP APM 12.0

Hi,

 

As i am integrating BIG-IP APM 12.0 with our RADIUS server. I would like to hardcode or customize the logon page as per my requirement.

 

Requirement1:

I would like to customize the Logon Page while authenticating with RADIUS. When i access the virtual server IP in web browser, i see the User name and Password field for remote access.

 

Here, i just customized the Logon Page from Visual Policy Editor, that i need see only user name field and it should proceed for the RADIUS authentication after entering only User Name. On RADIUS server, it proceeds for entered user name Second Factor Authentication (Could be Response only-Soft Token OR Challenge Response-GRID). See Logon Page that i Customized Attached Image

 

 

After applying the Logon Page customization changes, i could see only user name field in Logon Page. When i enter RADIUS user name and click logon, it not proceeding for RADIUS authentication and throwing the error that "The username or password is not correct. Please try again".

 

 

Here, it suppose to proceed for the authentication, which didn't happen. Is it possible to hardcode the BIG-IP to accept only user name and proceed for RADIUS authentication ??

 

Your help is highly appreciated and thanks in advance.

 

Thank You, Anthony

 

APM
devops

4 Replies

Sort By
  • kullwahad_19151's avatar
    kullwahad_19151
    Icon for Nimbostratus rankNimbostratus
    Jun 27, 2016

    Hello,

     

    I don't see the interest of this but... Do you try to add a block of "variable assign" between "logon page" and "Radius auth" ? (where you force the variable session.logon.last.password to a correct value?)

     

    Regards,

     

  • Anthony_Reddy_2's avatar
    Anthony_Reddy_2
    Icon for Nimbostratus rankNimbostratus
    Jun 28, 2016

    Hi Kullwahad,

     

    Thank you for your prompt response..

     

    As i am not familiar in creating the the variable assigns, i am unable to create the right one. But i have tried to add the below variable assign, between Logon Page and RADIUS auth. But, that didn't work. Could you please help me in creating a variable assign with values?? So, i could proceed with only user name for RADIUS auth.

     

     

    Thanks Anthony

     

  • Seth_Cooper's avatar
    Seth_Cooper
    Icon for Employee rankEmployee
    Jun 30, 2016

    Just to confirm, you want to have username on one logon page and then the click submit and then are prompted for a password/token that is then used in a RADIUS Auth action? Is there any logic between the username page and the password page or do you just want to split it up? Is there any technical reason to split it up or just the way it needs to be?

     

    You could use two separate logon pages and on the first don't display a password and then the second page have a password but have the username as readonly, many options but need to figure out the full reason for the requirements.

     

    -Seth

     

  • Anthony_Reddy_2's avatar
    Anthony_Reddy_2
    Icon for Nimbostratus rankNimbostratus
    Jul 04, 2016

    Hi Seth,

     

    The requirement of this configuration is, we just need to enter only the user name and proceed for the RADIUS authentication using online transaction on user mobile devices to confirm/cancel/concern the authentication.

     

    During this authentication user password shouldn't required (if we disable the password field) and proceed to RADIUS auth (We set only Mobile Soft Token for user auth), which is user connected online to get the authentication transaction request to confirm/cancel/concern the auth.

     

    It doesn't include any other authentication i.e. AD/LDAP

     

    sample auth transaction request on user Mobile devices.