NetScaler user authentication to backend with cookies

A system one of my co-workers are load balancing and configuring AAA/SSO uses cookies for authentication. The username is inserted using a cookie, for example ”username=simon”. It’s very easy to first of all identify this cookie and modify it to another value, which makes it insecure.

The idea we got was to stop exposing the cookie to the user and only add it so that the backend sees it using a rewrite. The second thing we also want to do is remove this cookie so even though the user has the cookie, it will never be sent to the backend.

The solution is quite simple and looks like this:

From my initial tests, this will remove all cookies named ”username” (case insensitive) and add a new one with values from NetScaler AAA. If the user isn’t sending any Cookie-header at all, we’ll add one as well.

Seems to work very well!

Have you done this in any other way? Feel free to post how you did it.

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.