APM, use HTTP basic auth semantics to retrieve e.g. RSA credentials?

Question

Hi all - new-ish to APM - I think this is possible, but wanted to check. Rather than using a form to gather credentials from a user, is it possible to use the HTTP basic auth authentication scheme to gather the credentials, but configure the access policy so that the retrieved credentials are sent to an RSA server (accessed as a RADIUS AAA)?&nbsp;
We already have a portal link working, with a form for user credential gathering - but we have some scenarios where it would be better if the client received an HTTP 401 status back, and gathered credentials via the built-in basic auth dialog.&nbsp;
This is on 11.5.1 LTM (APM 11.5.1).&nbsp;
Thx for any help!&nbsp;

kunjan · Answer

Should be able to do that. 
[HTTP::username] and [HTTP::password]   extracts the credentials from the header
https://devcentral.f5.com/wiki/iRules.HTTP__username.ashx
iRule can be used to map the username(401 agent updates username directly ) and password session variables. This can be followed by the radius agent.
when ACCESS_POLICY_AGENT_EVENT {    
        ACCESS::session data set session.logon.logon.username [HTTP::username] 
        ACCESS::session data set session.logon.logon.password [HTTP::password] 
}

Forum Discussion

APM, use HTTP basic auth semantics to retrieve e.g. RSA credentials?

1 Reply

Recent Discussions

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Related Content

OWASP Automated Threats - Credential Stuffing (OAT-008)

Leaked Credential Check with Advanced WAF

Creating a Credential in F5 Distributed Cloud for Azure

asmevents tool to retrieve events from an ASM device

XC - azure cloud Credentials issues