LDAP Auth iRule Question

In the default _sys_auth_ssl_cc_ldap iRule, many of the events use the following check:


if {$tmm_auth_ssl_cc_ldap_sid eq [AUTH::last_event_session_id]} {
...
}

Can anyone describe to me situations in which this IF statement would evaluate to false and fail?

In our AUTH_FAILURE event, I had written some logic outside this IF statement, and it seems that in some cases, the AUTH_FAILURE event was being executed and the IF statement was evaluating to false, resulting in bugs because the code I wrote should have only happened in tandem with the code that's within the IF.

I suppose the glaringly obvious solution is for me to just put the code within the IF statement, but it's a bit more tricky. This problem occured in our Production system and I can't seem to recreate it in the Development system, so I need to be able to prove why moving it within the IF block would fix it, because I can't risk the bugs that the previous method caused in Production.

Thanks for any insight.

-Bill

Forum Discussion

LDAP Auth iRule Question

Recent Discussions

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Related Content

irule logging question

Novice Question - irules

LDAP Proxy

Google Authenticator iRule For Two-Factor Auth With LDAP

LDAP Auth, LDAP Query with UPN fails

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS