Forum Discussion
Kevin_Stewart
Employee
May 20, 2016Well, yes of course. There's not much you really can't do with iRules (the F5 programmability API), so such a thing would be extremely reasonable.
when HTTP_REQUEST {
if { [HTTP::header exists MYAUTHHDR] } {
do something with that header
}
}
The real question, however, is how you would implement such a thing securely. HTTP headers don't usually provide any sort of challenge-response mechanism, so you'd have to create such a thing, both in iRules AND within the client from scratch, and you'd have to make sure that a) the communication was encrypted, and b) that it is (hopefully) not spoofable.