For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Edouard_Zorrill's avatar
Edouard_Zorrill
Icon for Nimbostratus rankNimbostratus
Apr 26, 2017

How to send the "HTTP::header insert" to the backend server using VPE (LTM+APM Mode)

Hey Guys,   Could anyone advise how I can send:   HTTP::header insert USER "[ACCESS::session data get session.logon.last.username]"   HTTP::header insert DOMAIN "[ACCESS::session data get se...
application delivery
BIG-IP Access Policy Manager (APM)
LTM
security
Kevin_Davies_40's avatar
Kevin_Davies_40
Icon for Nacreous rankNacreous
Apr 27, 2017

This page will tell you what you need to know. More specifically the New events section... https://devcentral.f5.com/articles/http-event-order-access-policy-manager

Given the logs shows the ACCESS events do not appear to be triggered in APM+LTM mode the new events allow you to take actions post APM. The middle iRule is what you need. The others were just to confirm the behaviour.

when ACCESS_POLICY_COMPLETED {
  log local0. "in ACCESS_POLICY_COMPLETED 500"
  if {[ACCESS::policy result] eq "allow"} {
    HTTP::header insert USER "[ACCESS::session data get session.logon.last.username]"
    HTTP::header insert DOMAIN "[ACCESS::session data get session.custom.domain]"
  }
}
when HTTP_REQUEST_RELEASE priority 200 {
  log local0. "in HTTP_REQUEST_RELEASE 200"
  HTTP::header insert USER "[ACCESS::session data get session.logon.last.username]"
  HTTP::header insert DOMAIN "[ACCESS::session data get session.custom.domain]"
}
when HTTP_REQUEST_RELEASE priority 900 {
  log local0. "in HTTP_REQUEST_RELEASE 900"
  log local0. "Headers [HTTP::header names]"
}