Manual Chapter : About the External Logon page

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 15.0.0
Manual Chapter

About the External Logon page

An External Logon page action provides a link to a logon page on an external server. An external solution can then provide robust logon credentials to the access policy. A logon action typically precedes the authentication action that checks the credentials provided on the logon page.
When an access policy reaches the External Logon page action:
  • Access Policy Manager sends an HTML page containing JavaScript code that redirects users to the external server.
  • The client submits a
    post_url
    variable. This
    post_url
    variable is used by the external application to return a value to the access policy. When the user completes authentication on the external server, the external server posts back to the URL specified in this variable, to continue the session.
    The value of post_URL is in the format:
    http(or https)://
    Access_Policy_Manager_URI
    /my.policy
    . The
    Access_Policy_Manager_URI
    is the URI visible to the user, taken from the HTTP Host header value sent by the browser.
An External Logon Page action provides these configuration elements and options:
External Logon Server URI
Specifies the URI of the external logon server.
Split domain from full username
Specifies
Yes
or
No
.
  • Yes
    - specifies that when a username and domain combination is submitted (for example,
    marketing\jsmith
    or
    jsmith@marketing.example.com
    ), only the username portion (in this example,
    jsmith
    ) is stored in the session variable
    session.logon.last.username
    .
  • No
    - specifies that the entire username string is stored in the session variable.