Page created: 6 Nov 2020
|
Page updated: 12 May 2021
Complete the following steps to import PingIntelligence policy in F5:
- Login to your F5 UI and navigate to Local Traffic >
iRules > LX
Workspaces.
In the Workspaces tab, click on import.
- A Workspace import page is displayed. Enter the Name and choose the
PingIntelligence policy that you downloaded from Ping Identity download site.
Click on Import.
- Clicking on Import creates an LX Workspace
- Open the Workspace by clicking on it. The policy is pre-loaded with extension named
oi_ext. Edit the ASE configuration by clicking on ASEConfig.js file. It opens the PingIntelligence policy in the editor:
The following table describes the ASE variables:
| Variable | Description |
|---|---|
ase_primary |
IP address of primary ASE node |
ase_primary_port |
Port number of primary ASE node |
ase_secondary |
IP address of secondary ASE node |
ase_secondary_port |
Port number of secondary ASE node |
is_ase_ssl |
Set to true if traffic to ASE is sent over
HTTPS |
ase_token |
The ASE sideband authentication token that was generated as part of prerequisites |
use_ca |
Set to true if ASE is using a CA-signed
certificate |
include_paths |
Provide the list of paths that the policy should process. If
/ is provided as path, then all the traffic is
monitored. The maximum number of subpaths in path is 3. For example,
/a/b/c/. |
enable_auth |
Set to true if traffic contains access token in
authorization header or
querystring. |
is_access_token_in_header |
Set to true if access token is present in
authorization header. |
access_token_variable |
If the access token is present in querystring,
then specify the key used for token. |
authorization_header_prefix |
If the access token is present in authorization
header, then specify the prefix used for access token. |
user_key_mapping |
The location of username in JSON payload of JWT
access token. |
clientid_key_mapping |
The location of client ID in JSON payload of JWT access token |