I reloaded 9.1.0 Build 6.2 and was able to successfully use the rule below. I switched back to a system running 9.2.2 Build 76.6 and am experiencing problems. The configs are near identical on each F5 (the 9.2.2 system has more virtual servers as the 9.1.0 only has the LDAP stuff). The 9.2.2 system "loads" the page 5 minutes after entering the credentials. The 9.1.0 system "loads" the page almost immediately after the LDAP credentials are entered. Have you experienced the same type of problems? Could you confirm this? Is there a newer version of the OS?
Thank you,
Rob
    when CLIENT_ACCEPTED {
        # Reset the per-connection auth flag when the client connects
        set ldap_authed 0
    }
    when HTTP_REQUEST {
        # Take the HTTP Basic credentials from the request
        set username [HTTP::username]
        set password [HTTP::password]
        # Start a PAM auth session (default_ldap) and submit the credentials
        set asid_ldap [AUTH::start pam default_ldap]
        AUTH::username_credential $asid_ldap $username
        AUTH::password_credential $asid_ldap $password
        AUTH::authenticate $asid_ldap
        # Hold the request until HTTP::release or HTTP::respond is called
        HTTP::collect
    }
    when AUTH_SUCCESS {
        # Only act on events that belong to this rule's auth session
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            set ldap_authed 1
        }
        if {$ldap_authed == 1} {
            log local0. "entering auth success"
            # Let the held request continue to the pool
            HTTP::release
        }
    }
    when AUTH_FAILURE {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            log local0. "entering auth failure"
            # Redirect the client on failed credentials
            HTTP::respond 302 Location "http://x.x.x.x"
        }
    }
    when AUTH_WANTCREDENTIAL {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            log local0. "entering auth want credential"
            HTTP::respond 401
        }
    }
    when AUTH_ERROR {
        if {$asid_ldap eq [AUTH::last_event_session_id]} {
            log local0. "entering auth error"
            HTTP::respond 401
        }
    }