Attempting to incorporate IRule basic auth with an access policy
Here is my scenario:
Some webservice clients might hit a particular url. For the purpose of this question, lets say that is www.example.com/webserviceOne/one
When they hit this, Basic Authentication over HTTP should take the initial step in understanding which client is attempting to connect. Here is a working IRule that is able to parse the request:
when HTTP_REQUEST {
if {[HTTP::username] eq "" || [HTTP::password] eq ""} {
HTTP::respond 401 WWW-Authenticate "Basic realm=\"EXAMPLE\""
return
} else {
ACCESS::session data set "session.logon.last.username" [HTTP::username]
ACCESS::session data set "session.logon.last.password" [HTTP::password]
log " username set to [ACCESS::session data get session.logon.last.username]"
log " password set to [ACCESS::session data get session.logon.last.password]"
}
}
Note, this occurs for each HTTP request.
My APM looks as follows, where the policy should use the set username and password for AD Authenticatation.
As expected, when I do not provide credentials for Basic Auth, I cannot move forward. However, when I do provide some credentials, the issue I am having is that the "AD auth failed" stage is always reached. Examining the logs has also shown me that the log statements I print out above return back to empty, which might be part of the issue here.
On a side note, I have setup an alternative virtual server, which uss a login form instead of IRule basic auth, and using the same credentials, I can get passed the AD Auth stage.
Any ideas as to what I am doing wrong?