Hello all,
coming back to this old but very interesting (to me) post.
The I-rule proposed by Kevin works fine for me and i have been able to insert an HTTP HEADER with the assertion i am looking for thanks to :
when ACCESS_ACL_ALLOWED {
if { [ACCESS::session data get session.saml.last.sent] == "" } {
ACCESS::session data set session.saml.last.sent 1
HTTP::header insert MY_HTTP_HEADER_CITY [ACCESS::session data get session.saml.last.attr.name.city]
}
}
However, and this is due to the fact that i admit all this is not crystal clear to me at all, i am wondering why this header is set only "in the FIRST request to the server" and also if i could have it set for each and every request.
I guess this is due to ACCESS_ACL_ALLOWED event happening only once but...having said that and even after reading the documentation related to this event :
ACCESS_ACL_ALLOWED – triggered right after HTTP_REQUEST (and before CACHE_REQUEST, not included in this drawing) for a request that has been allowed by ACLs. ACCESS checks the request for a valid session, valid policy result, and then evaluates ACLs. If ACL allows a request, it raises ACCESS_ACL_ALLOWED before releasing the request to the upper layers.
this is still not clear to me. Any help would therefore be welcomed.
Thanks a lot.
With Regards