Forum Discussion
david78
Nimbostratus
NimbostratusLog username with SSO ...
Hi,
To log the username i used this iRules :
when HTTP_REQUEST {
set client_username "[HTTP::username]"
}
But with the SSO, the client don't send the autorization header, but the SSO's cookie...
==> my iRules failed :(
It's there an another way to get the username ?
david78No one can help me ? :'(
Is there another way to get ID ?
Brian_69413If the username is encrypted with Kerberos, then the F5 will not be able to extract it. I don't think this can be done without some engineering of the app, but someone may have another idea.- Are you running v11?
If yes, do you have AUTHENTICATION module licensed?
If yes, you should be able to get this information by configuring APM and making use of ACCESS::user command.
APM has kerberos support builtin.
This is documented here.
http://devcentral.f5.com/wiki/iRules.ACCESS__user.ashx
Hope this helps. - david78
hi,
thank you for your response.
Yes, i have v11 & APM, but I don't understand how works ACCESS::user command :(
I found something else :
set client_username [ACCESS::session data get session.logon.last.username]
And i work :D - Great.
I'm glad you could get this to work for you.
