Forum Discussion

RiverFish's avatar
RiverFish
Icon for Altostratus rankAltostratus
Feb 15, 2018

iRule landing page to test successful SAML SP

I'm looking at an F5 Agility lab book on APM Federation. I'm setting up SAML SP and the lab book says to assign an iRule that will "provide page content to validate successful access". The book doesn't show the contents of the iRule and I'm at work at my desk, not in the lab. I'm sure it's just a simple 'hello world' html page but want to make sure there's nothing special in it. I don't have access to servers so I can't whip up a quick IIS/Apache page. Does anyone happen to have this iRule or can point me to one?

 

  • It probably could be as simple as something like this:

    when ACCESS_ACL_ALLOWED {
        HTTP::respond 200 content "It works!"
    }
    

    One way I like to validate success of new items in a policy's VPE is to use the Message Box feature. I'll place a box that says that the action was successful, and place it appropriately. After this you could let it continue on to the app if there is one, or send it to a deny ending if there is no app yet. This has come in handy for developing policies to deal with IdP initiated and SP initiated SAML connections, as I can build in more logic depending on which mode is used.

    If you have many branches you might want to mark as successful, you could create a macro that contains the success message box, and then use the macrocall agent to easily place copies of it.