Forum Discussion

Nimbostratus

Sep 23, 2013

ACCESS::session data get - not available on 10.2.2?

Hi all, A quick question on "ACCESS::session data get" - I am using it in an HTTP_REQUEST event on 11.4, and when I brought a copy of the irule down to a 10.2.2 instance, I get a "command is not...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Sep 24, 2013

The ACCESS_ACL_ALLOWED event is synonymous with the HTTP_REQUEST event, except that it fires AFTER access policy completion (and on every request beyond access policy evaluation), so the session.ldap.last.attr.memberOf session variable would be guaranteed to exist there if the LDAP query succeeded. Any command that you would run in HTTP_REQUEST (ie. data group lookup, URI evaluation, etc.) could also be done in ACCESS_ACL_ALLOWED.

I can't speak to why 10.2 is reporting invalidity in the current context, but generally speaking the HTTP_REQUEST event fires irrespective of the access policy, so you would have to take extra measures to use ACCESS commands there.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)