Forum Discussion
zafer
Nimbostratus
NimbostratusTime based VPN restriction
Hi All,
Our users Authenticate from Active Directory. We have custom software and DB for storing users info and credential.
For example :
User A : vpn enabled user and AD group X and work ...
Stanislas_Piro2
Cumulonimbus
CumulonimbusHi,
To retreive logon and logout time from web server, you need to configure AAA HTTP server (even if you don't want to authenticate on this server)
parameters must be contained in HTTP cookie.
After the HTTP auth, you can obtain values with following variable assign:
session.custom.starthour =
expr { [lindex [regexp -inline {starthour=([^;\\\r]*)} [mcget session.http.last.response_cookie]] 1] }
session.custom.endhour =
expr { [lindex [regexp -inline {endhour=([^;\\\r]*)} [mcget session.http.last.response_cookie]] 1] }
If your HTTP server does not include informations in cookies, you can use a virtual server (with irule) between APM and HTTP server to insert expected format in response.