Forum Discussion
HTTP header inserts null value for first few requests
I'm trying to forward a HTTP header to my application with the username embedded, this allows the application to decide (on it's own, from AD) what to let the user do (or not do).
I have APM with LDAP working, and the session variable is mapped.
PROBLEM: the first several requests (looks like always 3) don't have the username populated. It comes through as "null", then on the 4th request it comes through correctly.
I think this is a timing issue, if I don't initialize the variable, then I can't call it. But if I set it to null, it takes several requests to put the username in, even though APM has successfully authenticated before the first request.
I tried moving the set username [A::S data get ldap-nese] under both ACCESS_ACL_COMPLETED and ACCESS_ACL_ALLOWED, no difference.
Any suggestions from the experts would be appreciated.
Snip of the iRule in use:
--------------------------------------------------------
when
CLIENT_ACCEPTED {
if I don't set null values here, we get TCL errors for non-existent variables
when HTTP_REQUEST {
Wipe the session header if the client sends it (security)
if { [HTTP::header exists "X-Auth-Client"] } {
HTTP::header remove "X-Auth-Client" }
}
when ACCESS_ACL_ALLOWED {
when ACCESS_ACL_COMPLETED {
- Richard__HarlanHistoric F5 AccountWhat is happening is the HTTP_REQUEST fires before the ACCESS_ACL_* events fire. This is why you are seeing the blank HTTP header. You can move the HTTP_REQUEST to HTTP_REQUEST_SEND. This should only fire after the APM has run.
- umiotoko_95283
Nimbostratus
Yes, thanks. I tried HTTP::header (insert/replace) but this produced a TCL error. I finally ran across a reference to clientside and that fixed it.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com