Manual Chapter :
About authentication
items
Applies To:
Show VersionsBIG-IP APM
- 15.0.1, 15.0.0
About authentication
items
Authentication items perform authentication or authentication-related
functions, such as:
- Verify credentials (or a PIN or a token)
- Inspect SSL certificates
- Check SSL certificate revocation status
- Verify the result of passwordless authentication
- Perform accounting, and so on.
An authentication item usually follows a logon item or another
authentication item in an access policy. An access policy can contain any number of
authentication items.
An administrator that configures authentication items can make these
choices:
- Specify an AAA server (or pool in cases where high availability is supported) against which to authenticate. Access Policy Manager (APM) supports many types of AAA servers.
- Inspect the SSL certificate presented during the initial SSL handshake, or specify on-demand certificate authentication (to re-negotiate the SSL connection). On-demand authentication is not supported in every type of access configuration.
- Select a Certificate Revocation Location (CRL) or Online Certificate Status Protocol (OCSP) responder for verifying revocation status.
Other configuration objects must be created before
configuring an authentication item or before a particular type of authentication is fully
configured and working.