Bhargav_9588
Nimbostratus
Feb 15, 2010
getfield Parsing error
Hello,
I am trying to add an iRule to insert an http header value by stripping out domain from REMOTE_USER header. The following is the iRule I am trying to use:
when HTTP_REQUEST {
    set login_user [HTTP::header remote_user ]
    if { $login_user contains "\" } {
        set ldap_user [getfield $login_user "\" 2]
        HTTP::header replace SAPUserID $ldap_user
    }
}
But it is throwing the following parsing error while saving:
01070151:3: Rule [insert.header.rule] error:
line 4: [parse error: missing "] ["\" 2]
HTTP::header replace SAPUserID $ldap_user
Any help is appreciated. Thanks in advance.
11 Replies
- Joel_Moses
Nimbostratus
You could try this.

when RULE_INIT {
    array set NTLMFlags {
        unicode        0x00000001
        oem            0x00000002
        req_target     0x00000004
        unknown1       0x00000008
        sign           0x00000010
        seal           0x00000020
        datagram       0x00000040
        lmkey          0x00000080
        netware        0x00000100
        ntlm           0x00000200
        unknown2       0x00000400
        unknown3       0x00000800
        ntlm_domain    0x00001000
        ntlm_server    0x00002000
        ntlm_share     0x00004000
        NTLM2          0x00008000
        targetinfo     0x00800000
        128bit         0x20000000
        keyexch        0x40000000
        56bit          0x80000000
    }
}
when HTTP_REQUEST {
    if { [HTTP::header Authorization] starts_with "NTLM " } {
        # Decode the base64 token that follows the "NTLM" scheme name
        set ntlm_msg [ b64decode [split [lindex [HTTP::header Authorization] 1] ] ]
        # Signature "NTLMSSP", its terminating zero byte, then the message type
        binary scan $ntlm_msg a7ci protocol zero type
        switch -exact -- $type {
            3 {
                # Six security buffers (length, max length, offset) from byte 12, then the flags
                binary scan $ntlm_msg @12ssissississississii \
                    lmlen lmlen2 lmoff \
                    ntlen ntlen2 ntoff \
                    dlen dlen2 doff \
                    ulen ulen2 uoff \
                    hlen hlen2 hoff \
                    slen slen2 soff \
                    flags
                set ntlm_domain {}; binary scan $ntlm_msg @${doff}a${dlen} ntlm_domain
                set ntlm_user {}; binary scan $ntlm_msg @${uoff}a${ulen} ntlm_user
                set ntlm_host {}; binary scan $ntlm_msg @${hoff}a${hlen} ntlm_host
                set unicode [expr {$flags & 0x00000001}]
                if {$unicode} {
                    # Unicode strings: rebuild each value character by character
                    set ntlm_domain_convert ""
                    foreach i [ split $ntlm_domain ""] {
                        scan $i %c c
                        if {$c>1} {
                            append ntlm_domain_convert $i
                        } elseif {$c<128} {
                            set ntlm_domain_convert $ntlm_domain_convert
                        } else {
                            append ntlm_domain_convert \\u[format %04.4X $c]
                        }
                    }
                    set ntlm_domain $ntlm_domain_convert
                    set ntlm_user_convert ""
                    foreach i [ split $ntlm_user ""] {
                        scan $i %c c
                        if {$c>1} {
                            append ntlm_user_convert $i
                        } elseif {$c<128} {
                            set ntlm_user_convert $ntlm_user_convert
                        } else {
                            append ntlm_user_convert \\u[format %04.4X $c]
                        }
                    }
                    set ntlm_user $ntlm_user_convert
                    set ntlm_host_convert ""
                    foreach i [ split $ntlm_host ""] {
                        scan $i %c c
                        if {$c>1} {
                            append ntlm_host_convert $i
                        } elseif {$c<128} {
                            set ntlm_host_convert $ntlm_host_convert
                        } else {
                            append ntlm_host_convert \\u[format %04.4X $c]
                        }
                    }
                    set ntlm_host $ntlm_host_convert
                }
                # NT and LM response data, raw and as hex strings
                binary scan $ntlm_msg @${ntoff}a${ntlen} ntdata
                binary scan $ntlm_msg @${lmoff}a${lmlen} lmdata
                binary scan $ntdata H* ntdata_h
                binary scan $lmdata H* lmdata_h
                # Insert the user name, without the domain, for the back end
                HTTP::header replace SAPUserID $ntlm_user
            }
            default {
                log local0. "NTLM type code was not parsed."
            }
        }
    }
}

This should do what you want (although a little expensively, what with the Unicode handling loops and the decoding of the whole NTLM package -- PD, are you listening? 😆 ).
This code will not parse message types 1 and 2, but you really should only see a type 1 and 3 message from the client side -- and type doesn't contain much usable session data.
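
The Type 3 layout that the iRule above walks with binary scan, as an added example in Python (not code from this thread, and not an iRule): it bounds-checks each security buffer and refuses control characters in the client-supplied names before they could be copied into a header such as SAPUserID. It assumes the 64-byte header the iRule reads (session key buffer and flags present); `parse_type3` and `sample_header` are names chosen for this example, and `sample_header` builds a constructed message for CORP\jdoe.

```python
import base64
import struct

SIGNATURE = b"NTLMSSP\x00"
NEGOTIATE_UNICODE = 0x00000001  # the bit the iRule calls "unicode"
BUFFERS = ("lm", "nt", "domain", "user", "host", "session_key")
HEADER_LEN = 64  # assumption: session key buffer and flags are present

def parse_type3(header_value):
    """Parse an 'NTLM <base64>' Authorization value; return text fields."""
    scheme, _, blob = header_value.partition(" ")
    if scheme != "NTLM":
        raise ValueError("not an NTLM Authorization header")
    msg = base64.b64decode(blob.strip(), validate=True)
    if len(msg) < HEADER_LEN or msg[:8] != SIGNATURE:
        raise ValueError("truncated or non-NTLMSSP message")
    if struct.unpack_from("<I", msg, 8)[0] != 3:
        raise ValueError("not a type 3 (authenticate) message")
    # Six (len, maxlen, offset) security buffers from byte 12, flags at 60.
    raw = struct.unpack_from("<" + "HHI" * 6 + "I", msg, 12)
    codec = "utf-16-le" if raw[-1] & NEGOTIATE_UNICODE else "ascii"
    fields = {}
    for i, name in enumerate(BUFFERS):
        length, _maxlen, offset = raw[3 * i:3 * i + 3]
        # Non-empty buffers must lie wholly inside the payload area.
        if length and (offset < HEADER_LEN or offset + length > len(msg)):
            raise ValueError(f"{name} buffer out of bounds")
        if name in ("domain", "user", "host"):
            text = msg[offset:offset + length].decode(codec, errors="replace")
            # Refuse control characters before the value reaches a header.
            if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in text):
                raise ValueError(f"control character in {name}")
            fields[name] = text
    return fields

def sample_header(user="jdoe", flags=NEGOTIATE_UNICODE):
    """Constructed type 3 message: CORP\\<user> from host WS01, empty hashes."""
    codec = "utf-16-le" if flags & NEGOTIATE_UNICODE else "ascii"
    parts = [b"", b""] + [s.encode(codec) for s in ("CORP", user, "WS01")] + [b""]
    head, payload = b"", b""
    for part in parts:
        head += struct.pack("<HHI", len(part), len(part), HEADER_LEN + len(payload))
        payload += part
    msg = SIGNATURE + struct.pack("<I", 3) + head + struct.pack("<I", flags) + payload
    return "NTLM " + base64.b64encode(msg).decode()

if __name__ == "__main__":
    print(parse_type3(sample_header()))
```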
