Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters

Would like to assign a session var and add to an https header

I'm completely new to F5/Big IP and have been assigned to work with our Network team to integrate an application SSO solution with the existing iRule. The network team only do basic re-directs and are intimidated at going beyond the working iRules. From my research this does not appear to be too difficult. What we need to do is assign a session variable to a local var and insert it into the header. I'm thinking it should look something like this:

when HTTP_REQUEST { set inbound_uri [string tolower [HTTP::uri]] set mycustom_var[ACCESS::session data get "session.logon.last.username"] HTTP::header insert $mycustom_var if { $inbound_uri starts_with "Blah" } {HTTP::redirect https://Other_Site/blah/ }

Any assistance will be much appreciated,

Rate this Question
Comments on this Question
Comment made 1 month ago by Max 2

The session variable I am trying to add is the MS AD logon User_ID - server variables that contain this data are LOGON_USER and AUTH_USER. From my reading it looks like this data is stored in "session.logon.last.username". The application is looking for this value in the custom var in the header. Hope this is helpful.


Answers to this Question


First of all you tagged your question as ASM when it really should be APM (different product/module). Basically you are on the right track, but with caveats as APM session needs to exist before you can read session data.

Check out the https://devcentral.f5.com/wiki/iRules.ACCESS__session.ashx for usage examples

Comments on this Answer
Comment made 1 month ago by Max 2

Thanks for the response,

I've been doing some reviewing of the documentation as mentioned and I'm only trying to help the network folks on this solution for the app I support. Our application requires the session var assigned to the custom var only until the users identity is confirmed. At that point the application takes over session management and security. So it appears for the session vars to be available we'll need a session.

I really appreciate the info and any pointers to help me get this iRule updated...

ACCESS::session create (this will have default values)

At that point I can use a command similar to:

when ACCESS_SESSION_STARTED { set my_custom_var [ACCESS::session data get "session.user.last.username"] } {log local0. "Custom_Var: $my_custom_var" }

Once I have the session data available and assigned to the custom var the value should be available in the session and I should be able to insert it into the header.