Log username with SSO ...

Question

Hi, &nbsp;
&nbsp;To log the username i used this iRules : &nbsp;
&nbsp;when HTTP_REQUEST {
&nbsp;         set client_username "[HTTP::username]"
&nbsp; }&nbsp;

&nbsp;But with the SSO, the client don't send the autorization header, but the SSO's cookie...
&nbsp;==&gt; my iRules failed :(&nbsp;
&nbsp;It's there an another way to get the username ?&nbsp;&nbsp;

david78 · Answer

No one can help me ? :'( 
&nbsp;  
&nbsp; Is there another way to get ID ?

brian_69413 · Answer

If the username is encrypted with Kerberos, then the F5 will not be able to extract it.  I don't think this can be done without some engineering of the app, but someone may have another idea.

c_p_i_o_17707 · Answer

Are you running v11?   
&nbsp; If yes, do you have AUTHENTICATION module licensed? 
&nbsp; If yes, you should be able to get this information by configuring APM and making use of ACCESS::user command. 
&nbsp; APM has kerberos support builtin. 
&nbsp;  
&nbsp; This is documented here. 
&nbsp; http://devcentral.f5.com/wiki/iRules.ACCESS__user.ashx 
&nbsp;  
&nbsp; Hope this helps. &nbsp;

david78 · Answer

hi,  &nbsp;
&nbsp; thank you for your response.  
&nbsp; Yes, i have v11 &amp; APM, but I don't understand how works ACCESS::user  command :( &nbsp;
&nbsp; I found something else :  
&nbsp; set client_username [ACCESS::session data get session.logon.last.username]&nbsp;
&nbsp; 
&nbsp; And i work :D &nbsp;&nbsp;&nbsp;

c_p_i_o_17707 · Answer

Great. 
&nbsp; I'm glad you could get this to work for you.

Forum Discussion

Log username with SSO ...

Recent Discussions

Failing over Virtual F5 VE to DR location using Zerto

Unblock Request WAF

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Related Content

Forwarding Logs to SIEM Tools via HTTP Proxy for F5 Distributed Cloud Global Log Receiver

F5 Distributed Cloud Telemetry (Logs) - Loki

F5 Distributed Cloud Telemetry (Logs) - ELK Stack

Logging DNS Requests

Log Http Headers