Forum Discussion
1 Reply
Sort By
- Stanislas_Piro2Cumulonimbus
Hi,
you can use this irule (not tested)
when RULE_INIT { to be changed prior to any publishing set static::passphrase "hEuoYjmFUpB4PcpO3bUdQtLP4ic7jjm" } when ACCESS_SESSION_STARTED { if { [HTTP::cookie exists APMAuth] } { set decrypted [HTTP::cookie decrypt "APMAuth" $static::passphrase] scan $decrypted {%[^:]:%s} username password ACCESS::session data set session.logon.last.username $username ACCESS::session data set -secure session.logon.last.password $password } } when ACCESS_POLICY_COMPLETED { if { ([ACCESS::policy result] equals "allow") } { HTTP::cookie encrypt "TMPCOOKIE" "[ACCESS::session data get session.logon.last.username]:[ACCESS::session data get -secure session.logon.last.password]" HTTP::cookie encrypt "TMPCOOKIE" $static::passphrase ACCESS::respond 302 noserver "Location" [ACCESS::session data get session.server.landinguri] "Cache-Control" "no-cache, must-revalidate" Set-Cookie "APMAuth=[HTTP::cookie TMPCOOKIE];path=/" } }
and configure VPE to check if session.logon.last.username is not null.
if session.logon.last.username equals "" then prompt for logon page, else validate authentication with user / password stored in encrypted cookie.