Forum Discussion
Kai_Wilke
Feb 01, 2018MVP
Hi Teddy,
you may take a look to the iRule below...
when ACCESS_ACL_ALLOWED {
Removing any ocourence of user provided X-P headers (for security reasons)
HTTP::header remove "X-P"
Injecting the SAML nameid value as new X-P header (for SSO purposes)
HTTP::header insert "X-P" [ACCESS::session data get "session.saml.last.attr.name.nameid"]
log local0.debug "Debug: Insert HTTP-Header X-P=[ACCESS::session data get "session.saml.last.attr.name.nameid"]"
}
The iRule removes at first any user provided X-P HTTP-header instance (for security purposes) and then copies the value of the APM variable "session.saml.last.attr.name.nameid" into a new "X-P" HTTP-header.
Cheers, Kai