Forum Discussion

Nimbostratus

Feb 26, 2015

Username and session tracking in an irule

Hi I want to track a user when they first login by capturing their username and the session cookie they are given in an irule. This is easy to achieve but i wanted to know how i can do this if ...

Cirrus

Feb 26, 2015

If the application has a unique login page that gets posted to for login you could grab the username, possibly form the query parameter if that's where it is passed, and the session cookie value and stuff them into a different cookie value that you create with your iRule that should persist for the users entire session. Something like this may work.

when HTTP_REQUEST {
    if {[HTTP::uri] starts_with "/loginpage.aspx" && [HTTP::method] equals "POST"}{
        HTTP::cookie insert BigIPsession "[URI::query [HTTP::uri] username]/[HTTP::cookie value aspsessionid]"
    }
}

Forum Discussion

Username and session tracking in an irule

Recent Discussions

Enterprise Security best practices with F5 WAF

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

Related Content

The BIG-IP Application Security Manager Part 9: Username and Session Awareness Tracking

Persist connection based on NTLM username

Link Tracking

APM - Track clicks on webtop resources

Ending an APM session when browser tab is closed