Bug ID 886841: Allow LDAP Query and HTTP Connector for API Protection policies

Last Modified: Mar 11, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
15.1.0

Opened: Mar 03, 2020
Severity: 4-Minor

Symptoms

APM has several types of access policies for different deployment types, such as general per-request policies, OAuth policies, full webtop portal policies, and so on. One type of policy is designed for API clients, called API Protection. API Protection requests are generally authenticated by user information present in an HTTP authorization header. APM then uses this authorization header data to authenticate users against an AAA server. In addition to authentication, some deployments of API Protection also require authorization decisions to be performed against out-of-band data from external servers, typically group membership data from an external HTTP or LDAP server.

Impact

Administrators are not able to use HTTP Connector or LDAP Query in API Protection policies.

Conditions

Administrators attempt to use HTTP Connector or LDAP Query in an API Protection type access policy.

Workaround

None

Fix Information

None

Behavior Change