auto escaping of variables used via %{xxx}
Hi,
I have a problem when using a session variable as "Search base" in a following LDAP query. I'm using the host-header to search only a specific sub-tree of my LDAP server. For that, I search an "application" tree in my LDAP-directory, where the mapping between host-header and search-base is stored.
When using the variable which was created by the first LDAP search for search-base of the 2nd LDAP search I got the following error message:
LDAP module: query with 'uid=axfme01' failed: No such object, dn: ou=ABX\2cou=Kunden\2cdc=abxsec\2cdc=com scope: 2 filter: uid=axfme01 (32)
so the variable got escaped which results in an error at the ldapsearch.
In the Irule before the search starts, I log the variable via syslog and there is no escaping done:
ACCESS::session data set session.custom.searchDnHostAccess "[ACCESS::session data get session.ldap.last.attr.ABXKSearchDN]"
log local0. "SearchDN: [ACCESS::session data get session.ldap.last.attr.ABXKSearchDN]"
Here is the relevant part of the log:
Oct 11 14:52:21 ras1zh info tmm6[10190]: Rule /Common/portal_ras_access-policy : entering portal_host_post ...
Oct 11 14:52:21 ras1zh info tmm6[10190]: Rule /Common/portal_ras_access-policy : SearchDN: ou=ABX,ou=Kunden,dc=abxsec,dc=com
I also tried to display a message-box instead of logging it, I thought maybe escaped characters get lost somewhere on the way in the log, but its the same.
my question:
why is the content of the variable escaped ? or if it's not, why will it be escaped when used as search-dn ? How can I work around this "feature" ?
best regards,
flo