cancel
Showing results for 
Search instead for 
Did you mean: 

Login form ?

Visitor

Login form ?

Hi. I'm very new to the whole vTMs - and only know the basics so far. So I have two questions for you who know more than me - so probably everyone.

 

1) I'm trying to load balance a site that requires authentication from ldap (essentially Sharepoint).  I have set up the ldap authenticator, but how do I get the vtm to send a challenge, or a 'login form' so that it can pass through the credentials to to the IIS site.  I have moved this site over ftom MS TMG, which could do this without any issues.  Any pointers on where to look (for a beginner) would be appreciated. *See below

 

2) Do PulseSecure do any online training?

 

Thanks in advance.

 

*Update - I got the authentication partially working, but wanted to only allow members of a certain group through, based upon the ldap $auth lookup - but I can't seem to get it right.  If the $auth returns all attributes, what is the attribute I need to use in TrafficScript: 

 

if( $auth['group'] = "groupiwant" ) ...doesn't work! any ideas

 

 

1 REPLY 1
Highlighted
Occasional Contributor

Re: Login form ?

Darrell,

 

Authenticators can be configured to provide information about the supplied user, for example the groups to which they belong. This information will also be contained in the hash returned by the auth.query() function. The group attribute is supported in TrafficScript so you just need to define a group that are allowed. There is a line of script required to support group based access below:

 

PS does not offer trafficscipt online training. However, we have trafficscipt manuals or you can open a support ticket if you need further assistance or work with our Professional Services team for any custominized scripts. 

 

Regards,


Genard

 

------------------------------------------------------------------------------------

 

# Verify the user's password using an LDAP
# authenticator called 'ldap'
$auth = auth.query( "ldap", $user, $pass );
if( $auth['Error'] ) {
   log.error(
      "Error with authenticator 'ldap': " .
      $auth['Error']
   );
   connection.discard();
} else if( !$auth['OK'] ) {
   # Unauthorised
   http.sendResponse( "403 Permission Denied",
      "text/html", "Incorrect username or password",
      ""
   );
}

# Allow through members of the 'admin' group using
# the 'group' attribute returned by the authenticator
if( $auth['group'] != "admin" ) {
   http.sendResponse( "403 Permission Denied",
      "text/html",
      "You do not have permission to view this page",
      ""
   );
}