APM- Dynamic Resource assignment based on SAML attributes
Hi Team,
Please help me to write expression( Advance resource assignment) to assign resources based on SAML attribute condition.
Access policy:
Machine cert auth --> SAML --> Endpoint check --> Advance resouce assignment
Sample user logs:
File=modules/Authentication/Saml/SamlSPAgent.cpp;Function=parseAssertion;Line=4836;Message=AttributeName: exter.extactivitycenter;"
File=modules/Authentication/Saml/SamlSPAgent.cpp;Function=parseAssertion;Line=4847;Message=ATTR_NAME: (32) exter.extactivitycenter;"
File=modules/Authentication/Saml/SamlSPAgent.cpp;Function=parseAssertion;Line=4896;Message=AttributeValue: 20034567;"
Attribute Name: exter.extactivitycenter
Attribute value: 20034567
I tried below Resource assignment expression formats (advance) in Advace resouce assignment but no luck.
1) session.saml.last.attr.name.exter.extactivitycenter== 20034567
2)expr {[mcget {session.saml.last.attr.name.exter.extactivitycenter}] == 20034567}
3)expr { [mcget {session.saml.last.attr.name.exter.extactivitycenter}] contains "20034567" }
Please guide me to use correct expression format to assign dymanic resources ( Network access profile, ACL, webtop).
Thanks,
RKram