iRule to decode SAML requests

Question

Hi,iRule to decode SAML requests?Is there an iRule out there, that would decode SAML requests? from the http requests that is.Thanks,&nbsp;

lucas_thompson · Answer

Fun question. A SAML request is typically URL encoded in redirect-binding and not encoded at all in POST-binding. This post describes how to decode something that's URL encoded:
https://community.f5.com/t5/codeshare/fully-decode-uri/ta-p/277666
For POST-binding it's in the HTTP body, so you'd need to collect the content using SSL::collect.
Keep in mind that when writing security related code it's easy to accidentally introduce vulnerabilities, so try to think about the service you're implementing like a security researcher / attacker.
As an alternative, the APM module for BIG-IP already has SAML support, so you can also just use the bulit-in functions that have already been well validated for security.

leslie_hubertus · Answer

Hi&nbsp;Poseidon1974&nbsp;- tagging my colleague&nbsp;JRahm&nbsp;and MVP&nbsp;Kai_Wilke&nbsp;because they are two experts in iRules and may be able to help out. Edit: and my colleague&nbsp;Lucas_Thompson&nbsp;since you mentioned SAML.

poseidon1974 · Answer

Hi,Thanks for your feedback,

poseidon1974 · Answer

Hi,Thanks for your feedback ;

Forum Discussion

iRule to decode SAML requests

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

HTML Decode iRule

Cannot edit "per-request policies" Request status 500

multiple requests in single tcp connection via irule without oneconnect

disable irule process for the request not for the whole tcp connection

iRULE regsub error

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS