Forum Discussion
- Lucas_ThompsonEmployee
Fun question. A SAML request is typically URL encoded in redirect-binding and not encoded at all in POST-binding. This post describes how to decode something that's URL encoded:
https://community.f5.com/t5/codeshare/fully-decode-uri/ta-p/277666
For POST-binding it's in the HTTP body, so you'd need to collect the content using SSL::collect.
Keep in mind that when writing security related code it's easy to accidentally introduce vulnerabilities, so try to think about the service you're implementing like a security researcher / attacker.
As an alternative, the APM module for BIG-IP already has SAML support, so you can also just use the bulit-in functions that have already been well validated for security.
- Poseidon1974Cirrostratus
Hi,
Thanks for your feedback,
- Leslie_HubertusRet. Employee
Hi Poseidon1974 - tagging my colleague JRahm and MVP Kai_Wilke because they are two experts in iRules and may be able to help out. Edit: and my colleague Lucas_Thompson since you mentioned SAML.
- Poseidon1974Cirrostratus
Hi,
Thanks for your feedback ;