Forum Discussion

Janitso_134744's avatar
Janitso_134744
Icon for Nimbostratus rankNimbostratus
Apr 09, 2014

Setting Max User Per Session based on the request URI

Hiya,

 

We have an application where I could use the same virtual server and access profile for all requests with exception that the access profile's 'Max User Per Session' setting should be 1 for certain URLs while 0 (unlimited) for others.

 

I would not like to duplicate any configuration however the only solution what I have found, so far, is routing the request at the virtual server level using the 'virtual' command. It would require 3 virtual servers (1 router and 1-1 for the specific URL set) + 2 access profiles (each with the right 'Max User Per Session' configuration), if I am right.

 

Is there a more elegant way to solve this problem?

 

  1. Preferably a way to set the Max User Per Session information during the call processing, like setting a session variable in an iRule.
  2. If 1) is not possible, selecting the access profile for a single virtual server (from iRule I guess).

Many thanks,

 

3 Replies

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    (1) I'm not sure if possible.

     

    (2) I have not tried it, but you can explore to use "ACCESS::policy evaluate" based on the URL.

     

    https://devcentral.f5.com/wiki/iRules.ACCESS__policy.ashx

     

  • Thanks Kunjan,

     

    I have checked it out previously but it says for ACCESS::policy evaluate : "The policy will evaluate in clientless mode (i.e., no logon pages or message boxes)." and we are using F5 logon pages. So I guess it is not an option for me.

     

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus

    Yeah rite :)

     

    How about: when ACCESS_POLICY_COMPLETED for the specific URL, write the user to table. https://devcentral.f5.com/wiki/iRules.table.ashx

     

    when ACCESS_SESSION_STARTED for the specific URL, lookup for the user in table. ACCESS:remove if it exists.

     

    when ACCESS_SESSION_CLOSED , remove the user from the table.

     

    Workable?