Forum Discussion
What happens if you apply the default _sys_auth_ldap iRule to the LDAP auth profile?
Also try this - edit the existing iRule and add a log statement to your AUTH_RESULT event:
when AUTH_RESULT {
log local0. "AUTH status = [AUTH::status]"
if { [AUTH::status] != 0 } {
HTTP::respond 401
} else {
HTTP::release
}
}
Dear Kevin Stewart,
If I apply the default _sys_auth_ldap iRule to the LDAP auth profile, it applies LDAP auth into all site and I want to set authentication only in a specific path. I read a tutorial which sais the following iRule works great with my specific path:
when CLIENT_ACCEPTED {
set tmm_auth_ldap_sid [AUTH::start pam default_ldap]
}
when HTTP_REQUEST {
if {[HTTP::uri] contains "myFolder/myPage.action"} {
AUTH::username_credential $tmm_auth_ldap_sid [HTTP::username]
AUTH::password_credential $tmm_auth_ldap_sid [HTTP::password]
AUTH::authenticate $tmm_auth_ldap_sid
HTTP::collect
}
}
when AUTH_RESULT {
if {[AUTH::status] != 0} {
HTTP::respond 401
} else {
HTTP::release
}
}
With this iRule, LDAP server accepts credentials but it falls into a loop.
I tried the default _sys_auth_ldap iRule but it falls into the same loop. Unique difference between both is that default rule applies auth to all the site and custom iRule applies auth to a specific path, but both fall into the same loop.
What does log local0. "AUTH status = [AUTH::status]" line?
I set this option as you said but I obtain same result.
Anyway thank you very much for your time and your dedication.
I have not idea what or where is the problem.