ltm rule command AUTH ssl cc ldap status

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



AUTH::ssl_cc_ldap_status
       Returns the status from the last successful client certificate-based
       LDAP query.

SYNOPSIS
       AUTH::ssl_cc_ldap_status AUTH_ID

DESCRIPTION
       Returns the status from the last successful client certificate-based
       LDAP query for the specified authorization session . The system
       returns an empty string if the last successful query did not perform a
       client certificate-based LDAP query, or if no query has yet been
       performed. This command has been deprecated in favor of
       AUTH::response_data.

       AUTH::ssl_cc_ldap_status 

	    * Returns the status from the last successful client
	      certificate-based LDAP query for the specified authorization
	      session .

RETURN VALUE
VALID DURING
EXAMPLES
	The rule below mimics the behavior of a BIG-IP 4.x authz configuration
	   "insert client status enable". This rule would be used in conjunction
	with client certificate LDAP auth.

	when RULE_INIT {
	    set tmm_auth_subscription "*"
	}
	when AUTH_RESULT {
	    array set auth_response_data [AUTH::response_data]
	    # set cc_ldap_status [AUTH::ssl_cc_ldap_status]
	    set cc_ldap_status [lindex [array get auth_response_data ccldap
	}
	when HTTP_REQUEST {
	    HTTP::header insert "SSLClientAuthorizationStatus: $cc_ldap_status"
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-9.0.0 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)