May 22, 2012

reject client user based on username


I tried to accomplish my purpose with the iRule below, but it did not work. I would like to deny a user when he tries to log in to my application. Other users can log in. I could not understand what is wrong in my iRule, or whether it is the right way to accomplish my purpose.


  if { [TCP::payload] contains "david" } {
  } else {
     pool my_web_pool
  }

  • Hi Michael,


    I am not sure which value I should use. How can I know that I am using the correct TCP payload value to catch the username from the TCP payload?


    thank you.


  • What protocol is the application using? Is the username included at the beginning of each TCP connection, each TCP packet, etc?



  • hi Hoolio,


    The application is using the HTTP protocol, and the username is included at the beginning of each TCP connection. Actually, I would like to learn how I can arrange the TCP payload length. Is there documentation about that?


  • Hi Rise,



    What authentication scheme is the application using? Is it basic, NTLM, etc? It would probably be simpler to add an HTTP profile to the virtual server and then use HTTP:: commands to parse the username.



  • You can still reset the connection with reject or if you add an HTTP profile to the VS, you can send an HTTP response with HTTP::respond.



    If you can confirm the authentication method I can give you a more detailed example on how to parse the username from requests.
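
The HTTP-profile approach suggested in the replies above, as an added example that is not code from anyone in the thread. It assumes an HTTP profile on the virtual server and that the client sends the username with HTTP Basic authentication; `my_web_pool` and the name `david` are taken from the question, and the deny list is a constructed sample.

```tcl
# Added example (iRule). Assumptions: HTTP profile attached to the virtual
# server, and the username arrives in an HTTP Basic Authorization header.
when RULE_INIT {
    # Constructed sample deny list, lower case. "david" comes from the question.
    set static::denied_users {david}
}

when HTTP_REQUEST {
    # HTTP::username decodes the Basic Authorization header and returns the
    # username part; it is empty when the request has no Basic credentials.
    set user [string tolower [string trim [HTTP::username]]]

    # Normalise DOMAIN\user and user@domain so a prefix or suffix does not
    # slip past the comparison.
    set user [lindex [split $user "\\"] end]
    set user [lindex [split $user "@"] 0]

    # Exact match on the parsed username. A substring test on the raw payload
    # would also hit "davidson" or any request that mentions "david" in a URI,
    # cookie or body.
    if { $user ne "" && [lsearch -exact $static::denied_users $user] >= 0 } {
        log local0. "Denied user '$user' from [IP::client_addr] for [HTTP::host][HTTP::uri]"
        # Send an HTTP response instead of resetting the connection with reject.
        HTTP::respond 403 content "Access denied" "Content-Type" "text/plain" "Connection" "close"
        return
    }

    # Everyone else goes to the pool named in the question.
    pool my_web_pool
}
```

If the application collects the username in a login form rather than with Basic authentication, `HTTP::username` returns an empty string and every request falls through to the pool, so the username would have to be read from the form POST instead.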



  • Hi Hoolio,


    We are using the LDAP authentication method. Thank you for your help.