For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

nirobi03_194837's avatar
nirobi03_194837
Icon for Nimbostratus rankNimbostratus
Nov 24, 2015

Can I enforce a maximum character limit for APM user name?

I would like to limit the username field to no more than 7 characters to prevent users from accidently putting their username and password in the username field.   Is this possible?   If so, ho...
application delivery
BIG-IP Access Policy Manager (APM)
Lucas_Thompson_'s avatar
Lucas_Thompson_
Historic F5 Account
Nov 25, 2015

With APM you can basically do anything because you can stick TCL anywhere you want. Here's how to do that:

 

  1. Go to VPE in your access policy
  2. Add (or edit) a logon page Policy Item.
  3. Add a branch rule
  4. Add whatever expression you want (it doesn't matter, we're going to edit it)
  5. Click the Advanced tab
  6. Use this expression: expr { [string length [mcget {session.logon.last.username}]] > 7 }

The system evaluates that from the innermost square brackets out, like algebra. "string length" is TCL to grab the length of a string. "mcget" grabs a session variable from APD's cache (or sessiondb, depending). "expr" evaluates the expression mathematically.

 

  • expr { [string length [mcget {session.logon.last.username}]] > 7 }
  • expr { [string length "johndoe"] > 7 }
  • expr { 7 > 7 }
  • expr { 0 }
  • Result: FALSE