Forum Discussion
Hello,
You will need first to retrieve SAML attributes after the SAML Auth.
Just add a "Variable Assign" block with following information :
session.logon.last.identity = Session Variable session.saml.last.attr.name.identity
Then you must format the variable by splitting it. You can either do it using an "irule event" or directly within the VPE using TCL.
From the VPE : add a new entry to your variable assign block with the following custom expression
set identity [mcget {session.logon.last.identity}]
set table [split $identity \]
return [lindex $table 1]
The returned value will be the username from "domain\username". Assign this returned value to variable "session.logon.last.username" that you will use after to make the LDAP Query.
The SSO Cred. Mapping, will set following SSO variables session.sso.token.last.username and session.sso.token.last.password. These variables are used in the SSO Objects if used... You need to set them with the correct values in order to authenticate on load-balanced server.
Hope that it helps
Regards