Forum Discussion

Cirrus

Oct 08, 2019

Irule to match two APM variables

I need some help with an Irule that should have this logic, The attribute "samlattr" must match the value "employeeID" if there are a match the VPE should continue. If there are no match, the sess...

application delivery

BIG-IP Access Policy Manager (APM)

iRules

Enes_Afsin_Al

MVP

Oct 08, 2019

Hi Squeak,

Can you test this?

when ACCESS_POLICY_AGENT_EVENT {
	set samlattr [ACCESS::session data get "session.saml.last.attr.name.xyz"]
	set employeeID [ACCESS::session data get "session.ldap.last.attr.employeeID"]
	
	if { $samlattr ne $employeeID } {
		discard
	}
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Irule to match two APM variables

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

help with irule string match

iRule to reroute to new site while evaluating variables

iApp variable scope

APM - RADIUS Variables

having /%23/path - /#/uri issue matching irule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS