Forum Discussion
NimbostratusSetting Max User Per Session based on the request URI
Hiya,
We have an application where I could use the same virtual server and access profile for all requests with exception that the access profile's 'Max User Per Session' setting should be 1 for certain URLs while 0 (unlimited) for others.
I would not like to duplicate any configuration however the only solution what I have found, so far, is routing the request at the virtual server level using the 'virtual' command. It would require 3 virtual servers (1 router and 1-1 for the specific URL set) + 2 access profiles (each with the right 'Max User Per Session' configuration), if I am right.
Is there a more elegant way to solve this problem?
- Preferably a way to set the Max User Per Session information during the call processing, like setting a session variable in an iRule.
- If 1) is not possible, selecting the access profile for a single virtual server (from iRule I guess).
Many thanks,
3 Replies
kunjan(1) I'm not sure if possible.
(2) I have not tried it, but you can explore to use "ACCESS::policy evaluate" based on the URL.
https://devcentral.f5.com/wiki/iRules.ACCESS__policy.ashx
- Janitso_134744
Thanks Kunjan,
I have checked it out previously but it says for ACCESS::policy evaluate : "The policy will evaluate in clientless mode (i.e., no logon pages or message boxes)." and we are using F5 logon pages. So I guess it is not an option for me.
- kunjan
Yeah rite :)
How about: when ACCESS_POLICY_COMPLETED for the specific URL, write the user to table. https://devcentral.f5.com/wiki/iRules.table.ashx
when ACCESS_SESSION_STARTED for the specific URL, lookup for the user in table. ACCESS:remove if it exists.
when ACCESS_SESSION_CLOSED , remove the user from the table.
Workable?
