Manual Chapter :
About authentication items
Applies To:
Show VersionsBIG-IP APM
- 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0
About authentication items
Authentication items perform authentication or authentication-related functions, such as:
- Verify credentials (or a PIN or a token)
- Inspect SSL certificates
- Check SSL certificate revocation status
- Verify the result of passwordless authentication
- Perform accounting, and so on.
An authentication item usually follows a logon item or another authentication item in an access policy. An access policy can contain any number of authentication items.
An administrator that configures authentication items can make these choices:
- Specify an AAA server (or pool in cases where high availability is supported) against which to authenticate. Access Policy Manager (APM) supports many types of AAA servers.
- Inspect the SSL certificate presented during the initial SSL handshake, or specify on-demand certificate authentication (to re-negotiate the SSL connection). On-demand authentication is not supported in every type of access configuration.
- Select a Certificate Revocation Location (CRL) or Online Certificate Status Protocol (OCSP) responder for verifying revocation status.
Other configuration objects must be created before configuring an authentication item or before a particular type of authentication is fully configured and working.