ACCESS::user¶
Description¶
The ACCESS::user commands return user ID information.
Syntax¶
ACCESS::user getsid <key>
ACCESS::user getkey <sid_hash>
ACCESS::user getsid <key>¶
- Returns the list of created external SIDs which is associated wit the specified key
ACCESS::user getkey <sid_hash>¶
- Returns the original SID for specified hash of SID
- This command works for clientless mode only
Examples¶
when HTTP_REQUEST {
set http_path [string tolower [HTTP::path] ]
if { $http_path == "/protected-uri" } {
}
else return
set apm_username [ string tolower [HTTP::username] ]
set apm_password [HTTP::password]
set user_key {}
append user_key $apm_username "." $user_hash
unset user_hash
set f_insert_clientless_mode 0
# Get a list of internal session ids which are associated with user_key
# which in this case is user credential.
set apm_cookie_list [ ACCESS::user getsid $user_key ]
if { [ llength $apm_cookie_list ] != 0 } {
# Use the first entry in the list, and convert the internal session id
# into external session id.
set apm_cookie [ ACCESS::user getkey [ lindex $apm_cookie_list 0 ] ]
if { $apm_cookie != "" } {
# And insert it as cookie to be passed into APM.
HTTP::cookie insert name MRHSession value $apm_cookie
} else {
set f_insert_clientless_mode 1
}
} else {
set f_insert_clientless_mode 1
}
# Execute access policy in clientless mode.
if { $f_insert_clientless_mode == 1 } {
HTTP::header insert "clientless-mode" 1
HTTP::header insert "username" $apm_username
HTTP::header insert "password" $apm_password
}
unset f_insert_clientless_mode
}
when ACCESS_SESSION_STARTED {
# Associate the user_key with the session by assigning the value.
if { [ info exists user_key ] } {
ACCESS::session data set "session.user.uuid" $user_key
}
}