Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

iRule to remove HTTP Headers like SamAccountName

lashleya
Altostratus
Altostratus

We are using the following iRule to include SamAccountName header:

 

when ACCESS_ACL_ALLOWED {

#Add Username as a Session Variable to be called below

if { [ACCESS::session data get session.saml.last.result] == 1 } {

set name [ACCESS::session data get "session.saml.last.attr.name.SamAccountName"]

HTTP::header insert SamAccountName "$name"

HTTP::header insert WL-Proxy-Client-IP [IP::client_addr]

}

 

Application owners have discovered the SamAccountName can be modified in the header and the user logging in will be different.

 

We are looking for a solution to write an iRule that would strip out the initial SamAccountName header information and replace it.

1 REPLY 1

boneyard
MVP
MVP

that would be HTTP::header replace or first HTTP::header delete and then HTTP::insert to make sure you don't have double ones.