Forum Discussion
Jonathon_Page
Nimbostratus
NimbostratusAutoFill username for Office 365 Federation
Hi. This is a simple question but I can't find a solution and ee are just getting started with our F5 implementation. I have deployed the office 365 federation using the f5.microsoft_office_365_id...
Jonathon_PageNimbostratus
NimbostratusHi. I found that I had to add an additional iRule on the http_request to parse the referer to get the username and then append it to the URI if it contained a username parameter. Here is my final iRule
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/saml/idp/profile/redirectorpost/sso" } {
if { [HTTP::header exists "Referer"] } {
set received_referer [HTTP::header "Referer"]
log local0. $received_referer
if { $received_referer contains "username="} {
log local0. "referer has username"
set username [URI::decode [URI::query $received_referer username]]
log local0. $username
HTTP::uri "/saml/idp/profile/redirectorpost/sso?username=[string map -nocase {"@" "%40"}$username]"
}
unset received_referer
}
}
}
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "GetURIusername" } {
set username [string map -nocase {"%40" "@"} [URI::query [ACCESS::session data get session.server.landinguri] username]]
log local0. "NewUsername = $username"
if {$username != ""} {
ACCESS::session data set session.custom.foundusername "1"
ACCESS::session data set session.custom.upn $username
ACCESS::session data set session.logon.last.username $username
}
}
}
mike_drennen_16Cirrus
Is this still working for you? We are needing to implement something like this to autopopulate the username on the F5 logon screen for SP initiated requests.
Thanks,
Mike