Forum Discussion

Sajid's avatar
Sajid
Icon for Cirrostratus rankCirrostratus
Sep 15, 2019

External Posting to APM with dynamic URL

Hi Guys,

 

I have a requirement to pass url with username/password.

 

Simple username/password working fine, when trying to pass the url as variable. It maks password empty.

 

Working solution with username/password with manual set url (variable).

 

 

when HTTP_REQUEST {

# Check for post requests to the fake URI

if {[HTTP::uri] starts_with "/login" && [HTTP::method] eq "POST"}{

    HTTP::cookie remove MRHSession

    ACCESS::session remove

# Collect up to 1Mb of request content

if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {

set content_length [HTTP::header "Content-Length"]

} else {

set content_length 1048576

}

if { $content_length > 0 } {

HTTP::collect $content_length

}

}

}

 

when HTTP_REQUEST_DATA {

  # after authentication APM policy will redirect to this url, need to pass as posting from external site

# I would like to parse URL from payload

set posturl "https://trnapp01.example.com:443/appmanager/abc"

# Parse the username and password from the collected payload

set username [URI::query "?[HTTP::payload]" username]

set password [URI::query [URI::decode "?[HTTP::payload]"] password]

HTTP::release

}

 

when ACCESS_SESSION_STARTED {

if { [ info exists username ] } {

ACCESS::session data set session.logon.last.username $username

ACCESS::session data set -secure session.logon.last.password $password

ACCESS::session data set session.appurlredirect.uri $posturl

}

}

 

 

Requirement to parse url from payload.

 

application delivery
BIG-IP Access Policy Manager (APM)
security
  • youssef1's avatar
    youssef1
    Sep 16, 2019

    Hi Sajid,

    In fact we have to decoded payload using "[URI::decode [HTTP::payload]]"

    Payload:

    is=txtURL=https%3A%2F%2Ftrnapp01.example.com%3A443%2Fappmanager%2Fabc&username=user123&password=%40password123

    decoded raw:

    is=txtURL=https://trnapp01.example.com:443/appmanager/abc&username=user123&password=@password123

    now we have to set the right regex in your irule:

    https://regex101.com/

    when HTTP_REQUEST_DATA {
 
set payload [URI::decode [HTTP::payload]]
 
set username [URI::query "?[HTTP::payload]" username]
set password [URI::query [URI::decode "?[HTTP::payload]"] password]
 
regexp {^.*txtURL=([^&]+).*$} $payload -> gotURL
 
log local0. "Username: $username - password : $password - gotURL: $gotURL"
 
HTTP::release
 
}

    keep me in touch.

    regards

  • Sajid's avatar
    Sajid
    Icon for Cirrostratus rankCirrostratus
    Sep 30, 2019

    Hi

     

    facing issue with this regexp

    regexp {^.*txtURL=([^&]+).*$} $payload -> gotURL

      regexp {^.*username=([^&]+).*$} $payload -> username

      regexp {^.*password=([^&]+).*$} $payload -> password

     

    if password contains &, ^, # that is not working.

     

    Need help?

     

    Regards,

    Sajid