Forum Discussion
Hi All,
Finally I managed to find the iRule 🙂 Here it is:
when HTTP_REQUEST {
    # Check for POST requests to the URI
    if {[HTTP::uri] ends_with "/Login" && [HTTP::method] eq "POST"}{
        # Collect up to 1 MB of request content
        if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {
            set content_length [HTTP::header "Content-Length"]
        } else {
            set content_length 1048576
        }
        if { $content_length > 0 } {
            HTTP::collect $content_length
        }
    }
}
when HTTP_REQUEST_DATA {
    # Find the username and password from the collected payload
    set username [findstr [HTTP::payload] username 11 \"]
    set password [findstr [HTTP::payload] password 11 \"]
    HTTP::release
}
when ACCESS_SESSION_STARTED {
    # Hand the extracted credentials to the APM session
    if { [ info exists username ] } {
        ACCESS::session data set session.logon.last.username $username
        ACCESS::session data set session.logon.last.password $password
    }
}
I tried the above iRule; in my case it was clientless... I have the following iRule:
when HTTP_REQUEST {
    switch [HTTP::method] {
        "COPY" -
        "MOVE" {
            # Replace Destination header with http if using SSL Offloading
            if { [HTTP::header Destination] starts_with "https" } {
                HTTP::header replace Destination [string map -nocase {https http} [HTTP::header value Destination]]
            }
            HTTP::disable
        }
        "MKCOL" -
        "PROPPATCH" {
            HTTP::disable
        }
    }
    if { ( [HTTP::uri] contains "/abc/system.svc") || ( [HTTP::uri] contains "/abc/xyz/iSite/index.htm") || ( [HTTP::uri] contains "/xyz/Client/abc.application")} {
        HTTP::header insert "clientless-mode" 1
        if { ( [HTTP::method] equals "POST" ) and ([HTTP::header value Content-Type] contains "soap+xml" ) } {
            # Collect up to 1 MB of request content
            if { [HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] < 1048577 } {
                set content_length [HTTP::header "Content-Length"]
            } else {
                set content_length 1048576
            }
            if { $content_length > 0 } {
                HTTP::collect $content_length
            }
        }
    }
}
when HTTP_REQUEST_DATA {
    set username [findstr [HTTP::payload] 11 \"]
    set password [findstr [HTTP::payload] password= 11 \"]
    HTTP::release
}
when ACCESS_SESSION_STARTED {
    if { [info exists username] } {
        ACCESS::session data set session.logon.last.username $username
    }
    if { [info exists password] } {
        ACCESS::session data set session.logon.last.password $password
    }
}
I have and Password in multiple places in the XML. I found in my packet capture that it gets stuck the very first time it finds the variable and password and sends a 302 /my.policy. Why doesn't it go through the whole XML first, capture the credentials and then go to APM?
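
The following is an added example, not code from either post and not an iRule: plain Tcl showing what a first-match substring extraction returns when the field name occurs more than once in a body, and how to enumerate every occurrence so an ambiguous payload can be rejected. `first_after` and `all_after` are hypothetical helpers that stop at the first occurrence the way `findstr` does, and the payload and its element names are constructed.

```tcl
# Plain Tcl for tclsh, not an iRule. first_after and all_after are
# hypothetical helpers; the payload below is constructed sample data.

# Value that starts $skip characters after the first match of $needle found
# at or after index $from, up to $term. Empty string when nothing matches.
proc first_after {haystack needle skip term {from 0}} {
    set hit [string first $needle $haystack $from]
    if {$hit < 0} { return "" }
    set start [expr {$hit + $skip}]
    set end [string first $term $haystack $start]
    if {$end < 0} { set end [string length $haystack] }
    return [string range $haystack $start [expr {$end - 1}]]
}

# Every value that follows $needle, in document order.
proc all_after {haystack needle skip term} {
    set values {}
    set from 0
    while {[set hit [string first $needle $haystack $from]] >= 0} {
        lappend values [first_after $haystack $needle $skip $term $hit]
        set from [expr {$hit + [string length $needle]}]
    }
    return $values
}

# Constructed body: the field name appears in a header note and again in
# the element that actually carries the login.
set payload {<Envelope><Header><Trace note='username="probe"'/></Header><Body><Login username="alice"/></Body></Envelope>}

set needle {username="}
set skip   [string length $needle]
set quote  "\""

set first [first_after $payload $needle $skip $quote]
set all   [all_after   $payload $needle $skip $quote]

puts "first match: $first"
puts "all matches: $all"

# Treat more than one candidate as ambiguous instead of trusting the first.
if {[llength $all] != 1} {
    puts "ambiguous: [llength $all] occurrences of $needle"
}
```

When the same name can appear in several places, a first-match lookup picks whichever occurrence comes first in the body, so the extraction needs either a search string unique to the intended element or a check like the one above.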