Faaiz_28768
Feb 14, 2011Nimbostratus
BIGIP-LTM-Version-9.4.8:irule to extract username from HTTP request
Thanks for your reply. Yes, whenever i enter virtual server ip, it does show me following output by running (tail -f /var/log/ltm)
HTTP User/Pass:
HTTP User/Pass:
Please, clearify basic auth?
User logins are integrated with LDAP server. Same username is used to access domain and for using application server.
Dear Chris,
Thanks for your reply. Yes, whenever i enter virtual server ip, it does show me following output by running (tail -f /var/log/ltm)
HTTP User/Pass:
HTTP User/Pass:
Please, clearify basic auth?
User logins are integrated with LDAP server. Same username is used to access domain and for using application server.
According to the wiki page, HTTP::username works for basic auth
http://devcentral.f5.com/wiki/defau...rname.html
I'm not sure whether your LDAP server is using basic, SASL, or something else.
http://devcentral.f5.com/wiki/default.aspx/iRules/parse_username_from_http_requests_rule.html
If you want help adapting that to your scenario, can you provide a sample request with anonymized credentials? Can you also confirm the LTM version you're using?
You can get a sample request using HttpFox for Firefox or Fiddler2.
Aaron
Thanks for the link. I vistied this link (http://devcentral.f5.com/wiki/default.aspx/iRules/parse_username_from_http_requests_rule.html ) earlier. Upon your referring, i revisited and got a few hints that helped me to resolve my issue.
Yes, application prompts for the username and i did exactly as you highlighted and got the solution. Following is my iRule
when HTTP_REQUEST {
if {[HTTP::method] eq "POST" && ([HTTP::payload] contains "j_username") } {log local0. "HTTP User/Pass: [HTTP::payload] FROM {Client IP:[IP::client_addr]} "}
}
Thanks for the Chris as well.
If that works for your testing, it would be simpler to use than a stream filter and STREAM::expression based iRule. But if you want a guarantee, you could use the stream filter or HTTP::collect/HTTP::payload.
Aaron