cancel
Showing results for 
Search instead for 
Did you mean: 

Session Time-out based on the username

Reddy1
Altostratus
Altostratus

Hi All,

 

We have a requirement to assign the session time-out for the ssl-vpn based on the username. I did create the below irule, however its not getting the username, hence the class match line will not match. I did add the log statement for the variable userid, however i have noticed the irule is getting triggered right after the vpn request hits the APM. I doubt if its the right event to capture the session variables. It would be great if i can get some help here.

 

when ACCESS_SESSION_STARTED {

set userid [mcget {session.logon.last.username}]

set userip [ACCESS::session data get "session.user.clientip"]

if {[class match $userid equals Userid_Custom_7_days]} {

ACCESS::session data set session.max_session_timeout "604800"

log local0. "Incomming userid : $userid and the session-timeout is 7-Days"

} else {

ACCESS::session data set session.max_session_timeout "86400"

log local0. "Incomming userid : $userid and the session-timeout is 24-Hours"

}

 

 

Thanks,

Reddy

1 REPLY 1

Reddy1
Altostratus
Altostratus

Update !!

 

I had this re written under the HTTP event, its now able to get the username.