Compares the DeviceID of the client against a Data Group list, (useful for centralized management of devices)
Code :
when HTTP_REQUEST {
# Apply DeviceID restriction to all ActiveSync directory traffic
if {[HTTP::path] == "/Microsoft-Server-ActiveSync"} {
# Determine whether connection is Base64 encoded, (Windows Phone) and if necessary begin decoding process
set string_b64encoded [HTTP::query]
if {[catch {b64decode $string_b64encoded} string_b64decoded] == 0 and $string_b64decoded ne ""} {
binary scan $string_b64decoded x4H2 IDlenHEX
scan $IDlenHEX %x IDlenDEC
set IDlen [expr "$IDlenDEC * 2"]
binary scan $string_b64decoded x5H$IDlen HEXdeviceID
set string_sentid [string toupper $HEXdeviceID]
} else {
set string_sentid [string toupper [URI::query [HTTP::uri]]]
}
# compare deviceID presented in HTTP::query with BigIP Data Group List - 'devices'
if {[class match $string_sentid contains devices]} {
log local0.info "Successful login with deviceID: $string_sentid"
} else {
log local0.info "Failed login with deviceID: $string_sentid"
ACCESS::session remove
}
}
}
I tried to use this irule and I have two problems:
Line 15, the deviceID is not the full query string but the deviceID parameter:
set string_sentid [URI::query [string toupper [HTTP::uri]] DEVICEID]
for some devices (I tried with iPhone mail) the first request is with method OPTIONS and without query string. did you have this issue, and did you solve it?
Hello,
what about the iphone:
for some devices (I tried with iPhone mail) the first request is with method OPTIONS and without query string. did you have this issue, and did you solve it?
I'm encountering this issue cause irule is not working only for iphone.
I can see request without the query!
