Forum Discussion
APM AdAuth HTTP Header Insert iRule Switch Statement
- Aug 17, 2023
As Jason said, there are many ways to do this and your method looks fine. But note your typo in IP::client_addr. And it is good practise to use -- to terminate switch options.
You could also do this by checking whether the header already exists
when ACCESS_ACL_ALLOWED { if { ! [HTTP::header exists iv-user] } { HTTP::header insert "iv-user" [ACCESS::session data get "session.logon.last.username"] } } }
- Aug 21, 2023
Doh! My bad, thanks for that. I did find that the F5 does not like:
// do nothing
within those braces, so I have omitted the contents and left it as:
when ACCESS_ACL_ALLOWED { switch -- [IP::client_addr] { "10.0.0.1" - "10.0.0.2" {} default { HTTP::header insert "iv-user" [ACCESS::session data get "session.logon.last.username"] } } }
This should be okay right?
Thanks for the response! Yes, that was me fat fingering it here, code I've written up/exists currently does not have that typo. So to clarify your comment on switch termination, it would be as follows then:
when ACCESS_ACL_ALLOWED
{
switch [IP::client_addr]{
"10.0.0.1" -
"10.0.0.2" -- { //do nothing }
default {
HTTP::header insert "iv-user" [ACCESS::session data get "session.logon.last.username"] }
}
}
I like that code you have provided for checking existing headers, really appreciate the options here.
Hiya, when I mentioned the switch termination i meant this ie the -- after the switch command
when ACCESS_ACL_ALLOWED
{
switch -- [IP::client_addr] {
"10.0.0.1" -
"10.0.0.2" { //do nothing }
default {
HTTP::header insert "iv-user" [ACCESS::session data get "session.logon.last.username"] }
}
}
- tdaishAug 21, 2023Altostratus
Doh! My bad, thanks for that. I did find that the F5 does not like:
// do nothing
within those braces, so I have omitted the contents and left it as:
when ACCESS_ACL_ALLOWED { switch -- [IP::client_addr] { "10.0.0.1" - "10.0.0.2" {} default { HTTP::header insert "iv-user" [ACCESS::session data get "session.logon.last.username"] } } }
This should be okay right?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com