apm aaa http
apm aaa http(1) BIG-IP TMSH Manual apm aaa http(1)
NAME
http - Specify an http server configuration used for authentication.
MODULE
apm aaa
SYNTAX
Configure the http component within the aaa module using the syntax
shown in the following sections.
CREATE/MODIFY
create http [name]
modify http [name]
options:
app-service [[string] | none]
auth-type [form-based | basic-ntlm | custom-post]
content-type [xml-utf8 | url-encoded-utf8 | none]
custom-body [[string] | none]
description [[string] | none]
follow-redirect [integer]
form-action [[string] | none]
form-fields [[string] | none]
form-method [get | post]
form-params [[string] | none]
form-password [[string] | none]
form-username [[string] | none]
headers [add | delete | modify | replace-all-with | none] {
[name] {
app-service [[string] | none]
hname [[string] | none]
hvalue [[string] | none]
}
}
location-specific [true | false]
start-uri [[string] | none]
success-match-type [url | cookie | string | exact-cookie]
success-match-value [[string] | none]
edit http [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list http
list http [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
app-service
non-default-properties
one-line
partition
DELETE
delete http [name]
DESCRIPTION
You can use the http component to create and manage AAA HTTP servers.
EXAMPLES
create http myHttpServer { start-uri "http://mycompany.com/" auth-type
basic-ntlm }
Creates an HTTP authentication server named "myHttpServer" with a
starting URI of http://mycompany.com.
delete http myHttpServer
Deletes the myHttpServer AAA HTTP server.
OPTIONS
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
auth-type
Specifies the type of authentication you want to use.
form-based
Specifies the authentication type to be form-based.
basic-ntlm
Specifies the authentication type to be basic-ntlm.
custom-post
Specifies the authentication type to be custom-post.
content-type
Specifies the encoding (xml-utf8, url-encoded-utf8, or none) for
an HTTP custom post. If you specify 'none', you must use the
headers option to add a custom header. In addition to specifying a
custom header, you must apply your own encoding through an iRule.
custom-body
Specifies the body for a HTTP Custom Post.
description
Specifies a unique description for the server. The default is
none.
follow-redirect
Specifies the number of pages away from the landing page the
request should travel before failing.
form-action
Specifies the complete destination URL to process the form using
HTTP form-based authentication. This is optional. If you do not
specify a form action, then Access Policy Manager will use the URI
from the request to perform HTTP form-based authentication.
form-fields
Specifies the hidden form parameters that are required by the
authentication server logon form at your location. The default is
none. Specify a parameter name, a space, and the parameter value,
if any. Multiple parameters can be configured with each "name
value" pair in one line. Use edit to add multiple parameters.
Please note that create and modify do not allow using new line on
the terminal.
form-method
Specifies the form method you want to use for the form-based HTTP
authentication. The value is either Get or POST. The default is
POST. However, if you specify GET, the Access Policy Manager will
force the authentication using HTTP GET rather than perform
authentication using form-based POST.
form-password
Specifies the parameter names used by the form you are sending the
POST request to.
form-username
Specifies the parameter names used by the form you are sending the
POST request to.
headers
Specifies the name and value of the header content to be inserted
in an HTTP Post. The options are:
app-service
Specifies the name of the application service to which the
HTTP header belongs. The default value is none. Note: If the
strict-updates option is enabled on the application service
that owns the object, you cannot modify or delete the HTTP
header. Only the application service can modify or delete the
HTTP header.
hname
The name of the HTTP header.
hvalue
The value of the HTTP header.
location-specific
Specifies whether or not this object contains one or more
attributes with values that are specific to the location where the
BIG-IP device resides. The location-specific attribute is either
true or false. When using policy sync, mark an object as location-
specific to prevent errors that can occur when policies reference
objects, such as authentication servers, that are specific to a
certain location.
[name]
Specifies the name of the aaa http server. This option is
required.
partition
Displays the partition within which the component resides. The
default is Common.
start-uri
Specifies a URL resource, for example,
http://plum.tree.lab2.sp.companynet.com/. This resource must
respond with a challenge to a non-authenticated request.
success-match-type
Specifies the method your authentication server uses and
determines the option definition used for this field. The field
toggles according to your selection.
cookie
Specifies any string in cookie is required.
exact-cookie
Specifies key fields in cookie is required.
string
Specifies a specific string is required.
url Specifies a URL is required.
success-match-value
Specifies the URL, any string in cookie, exact cookie or specific
string used for the specific success match type you see.
SEE ALSO
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2011-2013, 2015-2016. All rights
reserved.
BIG-IP 2016-03-14 apm aaa http(1)