HTTP:: request header insert issue

 

 

We've created an iRule to insert the username id into header for all HTTP requests.

 

Also have the rule logging this occurence. The issue we are seeing is that the username is

 

is NOT inserted into EVERY HTTP request. Note that we've had to create a session cookie to

 

support radius auth.

 

 

Note: 2nd entry has a blank client D value

 

 

Thu Feb 22 14:32:04 xxxx 2007 tmm tmm[984] 01220002 Rule rsa_cookie_radius HTTP_REQUEST: inserted Client id TEST_01

 

Thu Feb 22 14:32:14 xxxx 2007 tmm tmm[984] 01220002 Rule rsa_cookie_radius HTTP_REQUEST: inserted Client id

 

 

I am a real newbie when it comes to this stuff so some help would be great.

 

 

Here is the iRule

 

 

*************************

 

 

when CLIENT_ACCEPTED {

 

set authinsck 0

 

set forceauth 1

 

set ckname BIGXAUTH

 

set ckpass xxxxxxxx

 

set ckvalue [IP::client_addr]

 

set ckdomain .xx.xx.xx.xx

 

set asid [AUTH::start pam default_radius]

 

}

 

when HTTP_REQUEST {

 

if {[HTTP::cookie exists $ckname]} {

 

if {[HTTP::cookie value $ckname] eq $ckvalue} {

 

set forceauth 0

 

log "HTTP_REQUEST set forceauth 0"

 

}

 

HTTP::cookie remove $ckname

 

}

 

if {$forceauth eq 1} {

 

AUTH::username_credential $asid [HTTP::username]

 

AUTH::password_credential $asid [HTTP::password]

 

AUTH::authenticate $asid

 

HTTP::collect

 

}

 

HTTP::header insert "X-EAU-Client-id" [HTTP::username]

 

log "inserted Client id [HTTP::username]"

 

}

 

when HTTP_RESPONSE {

 

if {$authinsck eq 1} {

 

HTTP::cookie insert name $ckname value $ckvalue path / domain $ckdomain

 

 

}

 

}

 

when AUTH_SUCCESS {

 

if {$asid eq [AUTH::last_event_session_id]} {

 

set authinsck 1

 

HTTP::release

 

}

 

}

 

when AUTH_FAILURE {

 

if {$asid eq [AUTH::last_event_session_id]} {

 

HTTP::respond 401 "WWW-Authenticate" "Basic realm=\"\""

 

}

 

}

 

when AUTH_WANTCREDENTIAL {

 

if {$asid eq [AUTH::last_event_session_id]} {

 

HTTP::respond 401 "WWW-Authenticate" "Basic realm=\"\""

 

}

 

}

 

when AUTH_ERROR {

 

if {$asid eq [AUTH::last_event_session_id]} {

 

HTTP::respond 401

 

}

 

}

 

 

*****************************************

 

 

cheers

 

 

m