Forum Discussion
NimbostratusHow to negate a | character in irule for a APM policy
I am trying to set a list of APM ACL's based on the Groups that are in the SAML insertion. The groups are delimitated with a | character. My code works if get rid of the |.
% set session.saml./Common/ichs3-vpn_act_saml_auth_ag.attr.name.UserGroup "|SG: ICHS-nonProduction-VPN-DQ |SG: ICHS-nonProduction-VPN-GCS" |SG: ICHS-nonProduction-VPN-DQ |SG: ICHS-nonProduction-VPN-GCS % set session.assigned.acls [ regsub -all {\y|SG: ICHS-nonProduction-VPN-\y} ${session.saml./Common/ichs3-vpn_act_saml_auth_ag.attr.name.UserGroup} /Common/ ] |/Common//Common/D/Common/Q |/Common//Common/G/Common/C/Common/S
Desired output: /Common/DQ /Common/GCS
3 Replies
Your question seems to be truncated somehow, I'm assuming the % means that you're trying this code with tclsh for testing? Can you clarify exactly what you're doing?
Ken_Thomas_1364Yes, I am using tclsh to test the statement first. tclshprompt%
I just got the result I wished with this statement. I can confirm it would work in a APM irule that would be great.
set session.assigned.acls [ regsub -all \|SG:\ ICHS-nonProduction-VPN- ${session.saml./Common/ichs3-vpn_act_saml_auth_ag.attr.name.UserGroup} /Common/ ]
result: % puts ${session.assigned.acls} /Common/DQ /Common/GCS
APM's Policy Items' TCL are processed by a different engine than iRules, but it's essentially stock TCL. Anything that works from tclsh should also work in a Policy Item.
