For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ademali_1610's avatar
ademali_1610
Icon for Nimbostratus rankNimbostratus
Jan 23, 2013

Access policy evaluation error

  Hey there,     I'm hoping somebody can provide some insight to show me what I might be doing wrong with my access policy. We have a Sharepoint web portal set up which is accessed throu...
application delivery
dev
devops
iRules
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Apr 23, 2013
If you disable the event hiding you should definitely be able to see the user's request, and I would assume that if the user attempts to access a resource (as seen with [HTTP::uri]) without first authenticating (as seen by [ACCESS::session data get ]), you could do something with that request. Considering that the user has simply logged off and hasn't left the page, I'm wondering if the session cookies still resident in the browser are causing a problem. Please add this logging iRule to your virtual server and observe/report the findings: 


when HTTP_REQUEST {
     log local0. "URI = [HTTP::uri]"
     foreach x [HTTP::header names] {
          log local0. "header($x) = [HTTP::header $x]"
     }
     log local0. "SID = [ACCESS::session sid]"
}