Forum Discussion

Poseidon1974

Cirrostratus

Mar 12, 2023

iRule to decode SAML requests

Hi, iRule to decode SAML requests? Is there an iRule out there, that would decode SAML requests? from the http requests that is. Thanks,

application delivery

Lucas_Thompson

Employee

Fun question. A SAML request is typically URL encoded in redirect-binding and not encoded at all in POST-binding. This post describes how to decode something that's URL encoded:

https://community.f5.com/t5/codeshare/fully-decode-uri/ta-p/277666

For POST-binding it's in the HTTP body, so you'd need to collect the content using SSL::collect.

Keep in mind that when writing security related code it's easy to accidentally introduce vulnerabilities, so try to think about the service you're implementing like a security researcher / attacker.

As an alternative, the APM module for BIG-IP already has SAML support, so you can also just use the bulit-in functions that have already been well validated for security.

Poseidon1974

Cirrostratus

Mar 30, 2023

Hi,

Thanks for your feedback,

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule to decode SAML requests

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

HTML Decode iRule

Cannot edit "per-request policies" Request status 500

multiple requests in single tcp connection via irule without oneconnect

disable irule process for the request not for the whole tcp connection

iRULE regsub error

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS