Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

variable from HTTP_REQUEST to ACCESS_POLICY_AGENT_EVENT

Hi,

I am trying grab username which is part of URI::Query(when HTTP_REQUEST) and trying to assign it to session.logon.last.username (when ACCESS_POLICY_AGENT_EVENT)

Is it possible to take a variable from event HTTP_REQUEST and assign it to a variable when ACCESS_POLICY_AGENT_EVENT ?

I am doing this as a part of Office 365 implementation.

Any help would be much appreciated.

0
Rate this Question
Comments on this Question
Comment made 2 months ago by K4keyur 1

Current iRule

when HTTP_REQUEST { if { [HTTP::uri] contains "username="} { set uri [URI::decode [URI::query [HTTP::uri]]] set urisplit [split $uri "&"] set uname [lindex $urisplit 2] log local0. $uname }

}

when ACCESS_POLICY_AGENT_EVENT { if { [ACCESS::policy agent_id] eq "getusername" } { ACCESS::session data set session.temp.username $uname } }


I am assigning session.temp.username to session.logon.last.username using variable assignment

The bit that is not working is assignment of $uname to ACCESS::session data set session.temp.username

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

you can use ACCESS_SESSION_STARTED instead of ACCESS_POLICY_AGENT_EVENT and HTTP_REQUEST

when ACCESS_SESSION_STARTED {

      if { [HTTP::uri] contains "username="}
    { 
      set uri [URI::decode [URI::query [HTTP::uri]]]
          set urisplit  [split $uri "&"]
          set uname [lindex $urisplit 2]
          log local0. $uname
          ACCESS::session data set session.temp.username $uname
        }

}
0
Comments on this Answer
Comment made 2 months ago by K4keyur 1

Works great!!!

Thanks Stanislas.

0
Comment made 2 months ago by Stanislas Piron 4546

Hi,

you can optimise your code with multiple solution:

Solution 1 : extract username and password in query parameters with F5 commands

when ACCESS_SESSION_STARTED {
    if { [HTTP::uri] contains "username="} {
        set username [URI::decode [URI::query [HTTP::uri] username]]
        set password [URI::decode [URI::query [HTTP::uri] password]]
        log local0. "Username : $username / Password : $password"
        ACCESS::session data set session.temp.username $username
        ACCESS::session data set -secure session.temp.password $password
    }
}

you can also use clientless mode in HTTP_REQUEST to insert username / password (HTTP::header insert username in clientless mode will insert username in VPE logon page)

when HTTP_REQUEST {
    if { [HTTP::uri] contains "username="} {
        set username [URI::decode [URI::query [HTTP::uri] username]]
        set password [URI::decode [URI::query [HTTP::uri] password]]
        log local0. "Username : $username / Password : $password"
        HTTP::header insert "clientless-mode" 1
        HTTP::header insert "username" $username
        HTTP::header insert "password" $password
    }
}
1
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

try

ACCESS::session data set session.custom.username $uname
0
Comments on this Answer
Comment made 2 months ago by K4keyur 1

When trying to assign a variable to ACCESS::session data set session.temp.username $uname I am getting the below in ltm logs -

- can't read "user": no such variable while executing "ACCESS::session data set session.temp.username "$user""

0
Comment made 2 months ago by @nesh 717

try custom instead of temp

0
Comment made 2 months ago by Piotr Lewandowski 1109

Well,

There is some mismatch between code posted and error message. In code you are using $uname but in your error message $user is reported - is that misspelling on your side? So maybe your are setting $uname variable and then using $user in ACCESS::session data set session.temp.username?

Piotr

0
Comment made 2 months ago by K4keyur 1

Thanks Piotr,

Really well spotted.I pasted older logs, when I was using 'user' as a variable. I pasted the new code where I was using 'uname' as variable.

0