APM Custom Expression - Search for string, if match, replace with
I wish I were better at this...
I currently have an APM setup for CAC authentication that pulls the users UPN and matches it to AD --Via: ( nothing special; via F5 "how to" )
set e_fields [split [mcget {session.ssl.cert.x509extension}] "\n"]; foreach qq $e_fields { if {[string first "othername:UPN" $qq] >= 0} { return [string range $qq [expr { [string first "<" $qq] + 1 } ] [expr { [string first ">" $qq] - 1 } ] ]; } } return "";
--I need to use the idea of this but change a few things that will search a PKI certificate for two fields.
mcget {session.ssl.cert.x509extension}
UPN(wanted)= session.ssl.cert.serial ,matching it to "00 d2 a5" AND session.ssl.cert.cn ,matching it to "foo.bar.lala.mil" IF both match, replace foo.bar with @mil ,IF both do not match THEN FAIL.
*I'm doing two matches to add a layer of security.
"SamAccountName" will be foo ,to authenticate to MyServer.
What this does allow two servers to communicate via SSL: One server will pass information TO another server.
Server --SSL---> MyServer ,the F5 will have the "Server"s Public Cert and Key.
I hope I explained it well enough...I'm horrible at explaining my thoughts :)
Thank you very much!