Forum Discussion
M_Petr
Altostratus
AltostratusInsert JavaScript only if memberOF equal some value
Hi, everyone.
I have one virtual server, one pool.
My APM with Login + AD auth + AD Query (expr { [mcget {session.ad.last.attr.memberOf}] contains "CN=Group1" }).
I must :
If I have a match with a specific group (Group1), then I insert the JavaScript to HTTP Response;
if there are no matches only HTTP Response.
How can I do this?
Hi Petr.
a) So first of you have to be sure that your session is not in progress... it will be success (value == allowed).
b) in ordre to inject easly your javascript follow my procedure:
- create a file with your js (myjs.js)
- Upload it on F5 (Access ›› Webtops : Hosted Content : Manage Files) and attached it to your VS / Policy.
- On your VPE set a value in order to validate if user is in the right configuration:
session.logon.custom.grp
if { [mcget "session.ldap.last.memberOf"] contains "right_GRP") } { return "1" } else { return "0" }
- Then you have to rewrite the content response using stream profile (of course you have to set a default stream profil in your vs)
I set you an example of rewriting but you have to adapt stream expression...
Hope it's clear for you, I don't tested this Irule and I think you have to adapt this irule.
this Irule (and this way of doing) is going to give you the big lines to follow ...
when HTTP_REQUEST { set session 0 if {[ACCESS::session exists -sid $apm_cookie] and [ACCESS::session data get -sid $apm_cookie session.policy.result] == "allowed" }{ set session 1 } } when HTTP_RESPONSE { set grp [ACCESS::session data get "session.logon.custom.grp"] if {$grp} { if { ([HTTP::header value Content-Type] contains "text") } { log local0. "rewrite" STREAM::expression {@src="script/modernizr.js"></script>@src="script/modernizr.js"></script><script type="text/javascript" src="/public/share/yourjs.js"></script>@ @<body>@<body onLoad="senjson()">@} STREAM::enable } } }Regards
youssef1Cumulonimbus
Hi Petr.
a) So first of you have to be sure that your session is not in progress... it will be success (value == allowed).
b) in ordre to inject easly your javascript follow my procedure:
- create a file with your js (myjs.js)
- Upload it on F5 (Access ›› Webtops : Hosted Content : Manage Files) and attached it to your VS / Policy.
- On your VPE set a value in order to validate if user is in the right configuration:
session.logon.custom.grp
if { [mcget "session.ldap.last.memberOf"] contains "right_GRP") } { return "1" } else { return "0" }
- Then you have to rewrite the content response using stream profile (of course you have to set a default stream profil in your vs)
I set you an example of rewriting but you have to adapt stream expression...
Hope it's clear for you, I don't tested this Irule and I think you have to adapt this irule.
this Irule (and this way of doing) is going to give you the big lines to follow ...
when HTTP_REQUEST { set session 0 if {[ACCESS::session exists -sid $apm_cookie] and [ACCESS::session data get -sid $apm_cookie session.policy.result] == "allowed" }{ set session 1 } } when HTTP_RESPONSE { set grp [ACCESS::session data get "session.logon.custom.grp"] if {$grp} { if { ([HTTP::header value Content-Type] contains "text") } { log local0. "rewrite" STREAM::expression {@src="script/modernizr.js"></script>@src="script/modernizr.js"></script><script type="text/javascript" src="/public/share/yourjs.js"></script>@ @<body>@<body onLoad="senjson()">@} STREAM::enable } } }Regards
M_PetrThanks it works!!!