cancel
Showing results for 
Search instead for 
Did you mean: 

Set session variable for local user db firstname and lastname

thanhtai1789
Altostratus
Altostratus

Hi team,

I am new to F5, I am currently setting F5 as custom IDP and here is my access policy (attach files). I want to load user first name and last name (a column in local user db) from local user db and save it into the session after user login success. How would I do it?

Does it work if I try to add Variable Assign step after LocalDB Auth with the entry: session.logon.firstname = expr {[mcget {session.localdb.firstname}]}  ?

Thank you in advance.

5 REPLIES 5

LiefZimmerman
Community Manager
Community Manager

@thanhtai1789 - if you haven't been able to resolve this yet let me know - I'll see if I can get an expert to take a look.

------
Lief ZimmermanLiefZimmerman | @LiefZF5 | DevCentral Community Manager

Hi @LiefZimmerman ,

Could you help me to ask an expert to take a look at this question, please? 

Thank you in advance.

Hi @thanhtai1789 I had a look and I'm afraid I don't see first/last name listed as session variables to work with. This is all I got for the localdb related variables in my testing (first/last name parameters were indeed set for this user):

42c3c3a.session.localdb./Common/ap_localdb_test_act_localdb_auth_ag.result 1 1
042c3c3a.session.localdb.last.result 1 1
042c3c3a.session.logon./Common/ap_localdb_test_act_logon_page_ag.logonname 3 buu
042c3c3a.session.logon./Common/ap_localdb_test_act_logon_page_ag.result 1 1
042c3c3a.session.logon./Common/ap_localdb_test_act_logon_page_ag.username 3 buu
042c3c3a.session.logon.last.logonname 3 buu
042c3c3a.session.logon.last.result 1 1
042c3c3a.session.logon.last.username 3 buu  

 

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral

Thank you very much @buulam .

Actually, I want to set up F5 as Idp, I use Localuser DB for authentication and I would like to load user data (firstname, lastname) from Localuser DB to add into SAML attributes (as the attached file of this reply). So I already tried to update the access policy as above in the attached file (add step Variable Assign after authentication step) to store firstname and lastname into session, but it didn't work. Do you have any suggestions for that @buulam ?

Hey @thanhtai1789 that's what the test I was doing was to check, if the parameters get pulled into session variables which would allow you to assign them into SAML attributes.

I just now confirmed that it's a feature that others have previously identified and requested. If you open a support case, you can add your name in support. Please quote RFE 439957

~~~~~~~~~~~~~~~~~~
@buulam / YouTube.com/DevCentral