Bug ID 1472589: Support for disabling ACCESS for OAuth-RS Profile Type virtual server

Last Modified: Jul 24, 2024

Affected Product(s):
BIG-IP APM (all modules)

Known Affected Versions:
16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5

Opened: Jan 02, 2024

Severity: 4-Minor

Symptoms

You are unable to disable ACCESS logic for a virtual server with the Profile-Type 'OAuth-Resource Server'.

Impact

You will not be able to disable ACCESS logic for a virtual server with Profile-Type 'OAuth-Resource Server'.

Conditions

A virtual server with the 'OAuth-Resource Server' profile type checks for the Authorization header. Preflight requests do not carry this header, so they receive a 400 Bad Request in return.
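The condition above, as an added example (not F5 code): a CORS preflight is an OPTIONS request that carries Origin and Access-Control-Request-Method and no Authorization header. This Python code classifies constructed request heads so that preflights can be told apart from other requests that merely lack Authorization; the hostnames, sample requests and function names are assumptions.

```python
# Added example. All requests below are constructed, not captured traffic.

def parse_request_head(raw: str):
    """Return (method, target, headers) from a raw HTTP/1.1 request head."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return method, target, headers


def classify(raw: str) -> str:
    """Label a request by how an Authorization-header check would see it."""
    method, _target, headers = parse_request_head(raw)
    if headers.get("authorization"):
        return "has-authorization"
    # A CORS preflight: OPTIONS plus Origin plus Access-Control-Request-Method.
    is_preflight = (
        method == "OPTIONS"
        and "origin" in headers
        and "access-control-request-method" in headers
    )
    if is_preflight:
        return "preflight-without-authorization"  # the case this bug describes
    return "other-without-authorization"          # missing header, not a preflight


# Constructed sample requests (hypothetical hosts under .test).
SAMPLES = {
    "preflight": "OPTIONS /api/orders HTTP/1.1\r\nHost: api.example.test\r\n"
                 "Origin: https://app.example.test\r\n"
                 "Access-Control-Request-Method: GET\r\n"
                 "Access-Control-Request-Headers: authorization\r\n\r\n",
    "api_call": "GET /api/orders HTTP/1.1\r\nHost: api.example.test\r\n"
                "Origin: https://app.example.test\r\n"
                "authorization: Bearer constructed-token\r\n\r\n",
    "bare_options": "OPTIONS * HTTP/1.1\r\nHost: api.example.test\r\n\r\n",
    "anonymous_get": "GET /api/orders HTTP/1.1\r\nHost: api.example.test\r\n\r\n",
}


def summarize(samples: dict) -> dict:
    return {name: classify(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, label in summarize(SAMPLES).items():
        print(f"{name:14s} {label}")
```

Only the first sample is a preflight; the last two also lack Authorization but are not preflights.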

Workaround

Configure another virtual server with Profile-Type 'All' and redirect the specific (i.e., pre-flight) requests to that virtual server. Attach the iRule below to the existing virtual server:

    when HTTP_REQUEST {
        # Static bearer token used by this iRule
        set auth_token "abcasdfasdfnaskzfiajsfhasikasigiashdfnaksjdnkasdfnkajnsdkjfnaksjdnfanskdfnkas"
        set original_headers [HTTP::header "Authorization"]
        if { $original_headers eq "" } {
            # No Authorization header on the request: insert one, log, and redirect
            HTTP::header insert "Authorization" "Bearer $auth_token"
            log local0. "new irule redirect event"
            HTTP::redirect "http://10.103.119.36/"
        } else {
            # Authorization header present: overwrite it with the static token
            HTTP::header replace "Authorization" "Bearer $auth_token"
        }
    }

Fix Information

None

Behavior Change
