Forum Discussion
amallet_4001
May 18, 2017Nimbostratus
SSO HTTP Forms with variably uri
Hello,
I have an application which does not make SSO SAML and I would like to be able to set up SSO HTTP Forms.
However my URI is variable.
POST /idp/4NnB0_xVb0A/resumeSAML20/idp/SSO.ping HTTP/...
amallet_4001
Nimbostratus
Hi,
thank you for the response
However, How to create the custom variable?
Irule or directly on the VPE?
Best regards
Stanislas_Piro2
May 30, 2017Cumulonimbus
Hi,
HTTP_REQUEST is not the good event to use as it is evaluated for any following requests and not only during policy evaluation.
you can do it with (event only evaluated when new session):
when ACCESS_SESSION_STARTED {
if {[set uri [HTTP::uri]] contains "/idp/SSO.ping" && $uri contains "_"} {
if {[scan $uri {/f5-w-%[^$]$$%s} garbage SSO_URI] == 2} {
ACCESS::session data set session.lmt.sso.starturi "$SSO_URI"
} else {
ACCESS::session data set session.lmt.sso.starturi $uri
}
}
}
or variable assign
session.lmt.sso.starturi =
if {[scan [mcget {session.server.landinguri}] {/f5-w-%[^$]$$%s} garbage SSO_URI] == 2} {
return $SSO_URI
} else { return [mcget {session.server.landinguri}]}
If you want to evaluate this code for every requests, you must use ACCESS_ACL_ALLOWED event (same as HTTP_REQUEST but after APM and rewrite profile). in this event there is no need to parse HTTP::uri.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects