Forum Discussion

Cirrus

Oct 08, 2019

Irule to match two APM variables

I need some help with an Irule that should have this logic, The attribute "samlattr" must match the value "employeeID" if there are a match the VPE should continue. If there are no match, the sess...

application delivery

BIG-IP Access Policy Manager (APM)

irules

Enes_Afsin_Al

MVP

Oct 08, 2019

Hi Squeak,

Can you test this?

when ACCESS_POLICY_AGENT_EVENT {
	set samlattr [ACCESS::session data get "session.saml.last.attr.name.xyz"]
	set employeeID [ACCESS::session data get "session.ldap.last.attr.employeeID"]
	
	if { $samlattr ne $employeeID } {
		discard
	}
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Irule to match two APM variables

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Illigal Parameter addition as custom signature set wanted to Unblock

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Managing iRules configuration

CPU load when Prometheus is scraping metrics from F5 BIG-IP LTM

Problem with sending BotDefense logs to remote server

Related Content

Getting Started with iRules: Variables

irule matching variable in uri

APM variable assign examples

iRule variable

The same static variable in different iRules/VS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS