ltm rule event AUTH WANTCREDENTIAL
iRule(1) BIG-IP TMSH Manual iRule(1)
AUTH_WANTCREDENTIAL
Triggered when an authorization operation needs an additional
credential (deprecated in 9.4).
DESCRIPTION
Note: Deprecated in 9.4. It will still work, but is being phased out.
Use AUTH_RESULT instead in 9.4 and up.
Triggered when an authorization operation needs an additional
credential. See also the description of the AUTH::wantcredential_prompt
command.
A default handler for this event is associated with each of the
authentication profiles, and causes the system to close the connection
unless it can obtain the desired credential. Typically, this implies
that the protocol layer that provides the credential has also not yet
obtained the credential, because the system did not enable the
necessary authentication protocol. Each of the authentication profiles
contains appropriate default handlers for its respective protocol.
Examples
when AUTH_WANTCREDENTIAL {
HTTP::respond 401 "WWW-Authenticate" "Basic realm=\"\""
}
when AUTH_FAILURE {
log local0. "Auth failed: Auth prompt was \"[AUTH::wantcredential_prompt $authid]\" Auth prompt style was \"[AUTH::wantcredential_prompt_style $authid]\""
}
HINTS
SEE ALSO
https://devcentral.f5.com/wiki/iRules.ClientAuthUsingHTMLForms.ashx -
This iRule illustrates how to use HTML Forms for client authentication.
https://devcentral.f5.com/wiki/iRules.ClientAuthUsingHttpCookie.ashx -
This iRule illustrates how to use HTTP Cookies for client based
authentcation.
https://devcentral.f5.com/wiki/iRules.ClientAuthUsingHttpCookie.ashx -
The iRule implements a authenticated HTTPS reverse proxy.
CHANGE LOG
@BIGIP-9.0.0 --First introduced the event. @BIGIP-9.4.0 --Deprecated
in this version
BIG-IP 2017-01-31 iRule(1)