apm aaa http
apm aaa http(1) BIG-IP TMSH Manual apm aaa http(1)
NAME
http - Specify an http server configuration used for authentication.
MODULE
apm aaa
SYNTAX
Configure the http component within the aaa module using the syntax shown in the following sections.
CREATE/MODIFY
create http [name]
modify http [name]
options:
app-service [[string] | none]
auth-type [form-based | basic-ntlm | custom-post]
content-type [xml-utf8 | url-encoded-utf8 | none]
custom-body [[string] | none]
description [[string] | none]
follow-redirect [integer]
form-action [[string] | none]
form-fields [[string] | none]
form-method [get | post]
form-params [[string] | none]
form-password [[string] | none]
form-username [[string] | none]
headers [add | delete | modify | replace-all-with | none] {
[name] {
app-service [[string] | none]
hname [[string] | none]
hvalue [[string] | none]
}
}
location-specific [true | false]
start-uri [[string] | none]
success-match-type [url | cookie | string | exact-cookie]
success-match-value [[string] | none]
edit http [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list http
list http [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete http [name]
DESCRIPTION
You can use the http component to create and manage AAA HTTP servers.
EXAMPLES
create http myHttpServer { start-uri "http://mycompany.com/" auth-type basic-ntlm }
Creates an HTTP authentication server named "myHttpServer" with a starting URI of http://mycompany.com.
delete http myHttpServer
Deletes the myHttpServer AAA HTTP server.
OPTIONS
app-service
Specifies the name of the application service to which the object belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service that owns the object, you cannot modify or delete the
object. Only the application service can modify or delete the object.
auth-type
Specifies the type of authentication you want to use.
form-based
Specifies the authentication type to be form-based.
basic-ntlm
Specifies the authentication type to be basic-ntlm.
custom-post
Specifies the authentication type to be custom-post.
content-type
Specifies the encoding (xml-utf8, url-encoded-utf8, or none) for an HTTP custom post. If you specify 'none', you must
use the headers option to add a custom header. In addition to specifying a custom header, you must apply your own
encoding through an iRule.
custom-body
Specifies the body for a HTTP Custom Post.
description
Specifies a unique description for the server. The default is none.
follow-redirect
Specifies the number of pages away from the landing page the request should travel before failing.
form-action
Specifies the complete destination URL to process the form using HTTP form-based authentication. This is optional. If
you do not specify a form action, then Access Policy Manager will use the URI from the request to perform HTTP form-
based authentication.
form-fields
Specifies the hidden form parameters that are required by the authentication server logon form at your location. The
default is none. Specify a parameter name, a space, and the parameter value, if any. Multiple parameters can be
configured with each "name value" pair in one line. Use edit to add multiple parameters. Please note that create and
modify do not allow using new line on the terminal.
form-method
Specifies the form method you want to use for the form-based HTTP authentication. The value is either Get or POST. The
default is POST. However, if you specify GET, the Access Policy Manager will force the authentication using HTTP GET
rather than perform authentication using form-based POST.
form-password
Specifies the parameter names used by the form you are sending the POST request to.
form-username
Specifies the parameter names used by the form you are sending the POST request to.
headers
Specifies the name and value of the header content to be inserted in an HTTP Post. The options are:
app-service
Specifies the name of the application service to which the HTTP header belongs. The default value is none. Note:
If the strict-updates option is enabled on the application service that owns the object, you cannot modify or
delete the HTTP header. Only the application service can modify or delete the HTTP header.
hname
The name of the HTTP header.
hvalue
The value of the HTTP header.
location-specific
Specifies whether or not this object contains one or more attributes with values that are specific to the location
where the BIG-IP device resides. The location-specific attribute is either true or false. When using policy sync, mark
an object as location-specific to prevent errors that can occur when policies reference objects, such as
authentication servers, that are specific to a certain location.
[name]
Specifies the name of the aaa http server. This option is required.
partition
Displays the partition within which the component resides. The default is Common.
start-uri
Specifies a URL resource, for example, http://plum.tree.lab2.sp.companynet.com/. This resource must respond with a
challenge to a non-authenticated request.
success-match-type
Specifies the method your authentication server uses and determines the option definition used for this field. The
field toggles according to your selection.
cookie
Specifies any string in cookie is required.
exact-cookie
Specifies key fields in cookie is required.
string
Specifies a specific string is required.
url Specifies a URL is required.
success-match-value
Specifies the URL, any string in cookie, exact cookie or specific string used for the specific success match type you
see.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights reserved.
BIG-IP 2016-03-14 apm aaa http(1)