For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

dromerot's avatar
dromerot
Icon for Nimbostratus rankNimbostratus
Nov 30, 2020

F5 APM - Session Variable names with special characters

Hi,

 

I have F5 LTM+APM in 14.1.2 version with ADFS integration through SAML.

 

I would like to use the variable %{session.saml.last.attr.name.http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress} but it's always empty. However, I see my email in the Access Report. Therefore, this variable has a value but I can't use it in the VPE.

 

I've printed the variable with a logging box and it's also empty. On the other hand, the variable %{session.saml.last.identity} works. I can print and use it.

 

F5 APM supports session variable names with special characters? How can I use it?

 

Thanks, best regards.

application delivery
BIG-IP Access Policy Manager (APM)
cloud

2 Replies

  • Dario_Garrido's avatar
    Dario_Garrido
    Icon for Noctilucent rankNoctilucent
    Dec 13, 2020

    Hello Dromerot.

    Have you tried with an iRule?

    when HTTP_REQUEST {
	set email [ACCESS::session data get "session.saml.last.attr.name.{http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress}"]
	log local0. "SAML email: $email"
}

    Regards,

    Dario

  • dromerot's avatar
    dromerot
    Icon for Nimbostratus rankNimbostratus
    Dec 15, 2020

    Hi Dario,

     

    I have not tried with an iRule. I will try!!

     

    Thanks, best regards.