Add a string to an Access Policy variable

Question

In my access policy I have the following variable set up:&nbsp;
session.ldap.last.attr.trimmedMembership = regexp -inline -all {CN=aPUMA[^,]+,} [mcget {session.ldap.last.attr.memberOf}]&nbsp;
This produces the example list depending on the user's LDAP group membership:&nbsp;
CN=aPUMAApp-Admin, CN=aPUMAApp-User, CN=aPUMAWeb-Admin, CN=aPUMASWeb-User&nbsp;
I want to add a new role, aPUMAApp-Design, to the list regardless of the user's group membership.&nbsp;
How do I modify the variable above to do this?&nbsp;

seth_cooper · Answer

You should be able to have an additional variable assign as follows...
session.ldap.last.attr.trimmedMembership =

expr { [concat "[mcget {session.ldap.last.attr.trimmedMembership}], CN=aPUMAApp-Design" ] }

Let me know if this helps.
Seth

claud_13959 · Answer

Yes, it works. Thanks a lot.&nbsp;

Forum Discussion

Add a string to an Access Policy variable

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

iRule variable

string first replacement procedure for ID999881

Having issue with String Map using variables/data group.

issue with irule redirecting with # string