For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jclark53_145678's avatar
jclark53_145678
Icon for Nimbostratus rankNimbostratus
Feb 27, 2014

https://example.com/consume.aspx is the AssertionConsumerService but is also the app/relying party. The app then logs the user in unless contentid exists, in which case it should forward directly to that contentid (usually a document or video) without completely logging them in (but this occurs in the target application). The tricky part is getting the value into the response assertion if the custom session variable is set in an iRule. If I were to use a cookie would this work?:

when RULE_INIT {
    set cookie_name "contentid"
}
when ACCESS_SESSION_STARTED { 
    set c_id [HTTP::query]

    if { $c_id ne "" } {
        HTTP::cookie insert name $::cookie_name value $c_id
    } else {
        HTTP::cookie remove $::cookie_name
    }   
}
  • jclark53_145678's avatar
    jclark53_145678
    Icon for Nimbostratus rankNimbostratus
    Feb 28, 2014
    This doesnt seem to be working.. the webtop seems to truncate everything after ? in the URL and I don't see a cookie being set. Is ACCESS_SESSION_STARTED the correct event to write the cookie?