
lashleya
Feb 18, 2021

iRule to remove HTTP Headers like SamAccountName

We are using the following iRule to include the SamAccountName header:

    when ACCESS_ACL_ALLOWED {
        # Add Username as a Session Variable to be called below
        if { [ACCESS::session data get session.saml.last.result] == 1 } {
            set name [ACCESS::session data get "session.saml.last.attr.name.SamAccountName"]
            # Note: insert adds a header; it does not remove a copy the client already sent
            HTTP::header insert SamAccountName "$name"
            HTTP::header insert WL-Proxy-Client-IP [IP::client_addr]
        }
    }

Application owners have discovered the SamAccountName can be modified in the header and the user logging in will be different.

We are looking for a solution to write an iRule that would strip out the initial SamAccountName header information and replace it.

1 Reply

  • That would be HTTP::header replace, or first HTTP::header delete and then HTTP::insert, to make sure you don't have double ones.
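
An added example, not code from the original thread or its participants: the iRule from the question with the identity headers stripped before they are set from the APM session. It uses `HTTP::header remove`, which deletes every occurrence of a header, because `HTTP::header replace` only rewrites the last occurrence and would leave earlier client-supplied copies in place. The session variable names come from the question; the log line and its wording are assumptions to adapt.

```tcl
when ACCESS_ACL_ALLOWED {
    # Headers the backend treats as trusted. Anything the client sent under
    # these names is discarded, whether or not the SAML check below passes.
    foreach hdr {SamAccountName WL-Proxy-Client-IP} {
        if { [HTTP::header exists $hdr] } {
            # Constructed log message (assumption): records that a client
            # tried to supply a header only the BIG-IP should set.
            log local0.warning "Client [IP::client_addr] sent $hdr; header removed"

            # Removes all occurrences of the header, not just one.
            HTTP::header remove $hdr
        }
    }

    # Re-create the headers from values the client cannot influence.
    if { [ACCESS::session data get session.saml.last.result] == 1 } {
        set name [ACCESS::session data get "session.saml.last.attr.name.SamAccountName"]
        HTTP::header insert SamAccountName $name
        HTTP::header insert WL-Proxy-Client-IP [IP::client_addr]
    }
}
```

Because the removal runs outside the SAML check, a request whose session has no successful SAML result reaches the backend with neither header rather than with the client's copy.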