ECA_REQUEST_ALLOWED

Description

This event is fired when ECA plugin successfully authenticates and is about to forward the request up the chain. Since NTLM is authenticating the flow, the subsequent requests within the flow fired the same event as well.

Examples

when ECA_REQUEST_ALLOWED {
    log local0. "username:     [ECA::username]"
    log local0. "domainname: [ECA::domainname]"
    log local0. "hostname:     [ECA::client_machine_name]"
    log local0. "status:          [ECA::status]"
}