Forum Discussion
AN_168028
Nimbostratus
NimbostratusiRULE to capture user credentials in SOAP-XML Payload in Clientless Mode
We have application limitation from vendor where they don't support authentication based on Multiple Domains. I am configuration iRule and APM to achieve short coming of application.
External Appli...
Stanislas_Piro2
Cumulonimbus
CumulonimbusHi,
you can use this irule as example:
when HTTP_REQUEST {
set apmsessionid [HTTP::cookie value MRHSession]
if { [HTTP::cookie exists "MRHSession"] } {set apmstatus [ACCESS::session exists -state_allow $apmsessionid]} else {set apmstatus 0}
if {!($apmstatus)} {
Insert Clientless-mode header to start APM in clientless mode
if { [catch {HTTP::header insert "clientless-mode" 1} ] } {log local0. "[IP::client_addr]:[TCP::client_port] : TCL error on HTTP header insert clientless-mode : URL : [HTTP::host][HTTP::path] - Headers : [HTTP::request]"}
}
Collect Post Data to be parsed in HTTP_REQUEST_DATA
if { [HTTP::method] eq "POST" }{
set clength 0
if {[HTTP::header exists "Content-Length"] && [HTTP::header Content-Length] <= 1048576}{
set clength [HTTP::header Content-Length]
} else { set clength 1048576 }
if { [info exists clength] && $clength > 0} { HTTP::collect $clength }
}
}
when HTTP_REQUEST_DATA {
Parse XML Data
set xmluser [findstr [HTTP::payload] "" 15 "<"]
set xmlpwtmp [findstr [HTTP::payload] "" 1 end]
unset xmlpwtmp
}
when ACCESS_SESSION_STARTED {
Variables from HTTP REQUEST Data (XML Parsing)
if {([info exists "xmluser"])} { ACCESS::session data set session.logon.last.username $xmluser; ACCESS::session data set session.logon.last.logonname $xmluser; }
if {([info exists "xmlpw"])} { ACCESS::session data set session.logon.last.password $xmlpw }
}
when ACCESS_ACL_ALLOWED {
set user [ACCESS::session data get session.logon.last.username]
HTTP::header insert "login" $user
HTTP::header remove "Authorization"
}
