ACCESS_SESSION_STARTED

Description

This event is triggered when a new user session is created. This is triggered after creating the session context and initial session variables related to user’s source IP, browser capabilities and accepted languages etc. This event is a notification to admin that a new session is being created. Admin can use this event to do some more session restriction checks, and prevent the session from being created in this event. For e.g. if user is exceeding some kind of limit (concurrent sessions etc.) or if the user does not qualify for a new session due to some thing which is a custom logic. Admin can use ACCESS::session commands to get and set various session variables. Admin can also use TCP/SSL/HTTP iRule commands to know various TCP/SSL/HTTP properties of the user.

Examples

Example 1: In this example, admin logs user’s agent
when ACCESS_SESSION_STARTED {
  log local0.notice "APM: Received a new session from browser: [ACCESS::session data get "session.user.agent"]"
}

Example 2: In this example, admin limits the application access to one subnet 192.168.255.0 only.
when ACCESS_SESSION_STARTED {
   set user_subnet [ACCESS::session data get "session.user.clientip"]
   if { ![IP::addr $user_subnet equals 192.168.255.0/24] } {
       log local0. "Unauthorized subnet"
       ACCESS::session remove
   }
}