Forum Discussion
That_guy_122842
Nimbostratus
NimbostratusHow do I get attributes from a database into saml assertions ?
I have a database with a number of attributes that I would like to use as additional attributes in saml assertions.
Whats the best way to do this?
Would I use an iRule Sideband call to quer...
Kevin_Stewart
Employee
EmployeeThe only thing that might change is where you initiate the sideband call. So let's say for instance that you're collecting username from a logon form. Directly after the logon form, or perhaps after some preliminary AD/LDAP checks, insert an iRule agent into the visual policy. Now take the HTTP_REQUEST event in the above sideband iRule and change it to an ACCESS_POLICY_AGENT_EVENT event. You'll also potentially need to change the send string to send the username from the session. Example:
set data "GET / HTTP/1.1\r\nHost: [HTTP::host]\r\nUser-Agent: cUrl\r\nAccept: */*\r\nUSER: [ACCESS::session data get session.logon.last.username]\r\n\r\n"
The sideband call will be sent mid-access session.
This again will insert the session username into an HTTP header called "USER". You may need to do something different, like insert it via query string or POST payload.
