APM two factor authentication with one password field

Question

I am wondering if it is possible to do two factor authentication (RSA + AD) based on HTTP authentication, so with only a username and password field available, so no third field. i was wondering about adding the RSA code to the password, splitting them up in APM policy manager (perhaps based on a specific seperator symbol) and sending the RSA code to the correct location and the same for the AD username password.&nbsp;
anyone ever build something like that?&nbsp;

michael_koyfma1 · Answer

Yes, you most certainly can do that.  Keep in mind that currently all APM Auth functions assume/require that the value fo the password is set to session.logon.last.password variable.  So, use iRules or Variable Assignment VPE action to save off original password, then extract token value, assign it to session.logon.last.password variable, run it through RSA Auth, then after successful RSA Auth set the AD password's value of the original field to session.logon.last.password, and run through AD Auth action.

boneyard · Answer

thank you, that sounds promising. 
&nbsp;  
&nbsp; now i am just wondering if i can pickup the credentials provided after the HTTP auth request from a backend server instead of having to use the Logon Page action?

Forum Discussion

APM two factor authentication with one password field

2 Replies

Recent Discussions

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

DevCentral to Require Multi-Factor Authentication for Account Login from September 26

Two-Factor Authentication With Google Authenticator And APM

Two-Factor Authentication – Captive Portal

Two-Factor Authentication With Google Authenticator And LDAP

Two-Factor Authentication – Remote Desktop Gateway