ltm rule command AUTH unsubscribe

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



AUTH::unsubscribe
       Cancels interest in auth query results.

SYNOPSIS
       AUTH::unsubscribe AUTH_ID

DESCRIPTION
       AUTH::unsubscribe cancels interest in auth query results.
       AUTH::response_data will not return data from query results for which a
       subscription has been cancelled before AUTH::authenticate has been
       called. Also see AUTH::subscribe.

       AUTH::unsubscribe 

	    * Cancels interest in auth query results.

RETURN VALUE
VALID DURING
EXAMPLES
	The rule below demonstrates how multi-pass auth might be performed.
	Additional error checking of the group name would be necessary in a
	production-ready rule.

	rule multi_pass_auth {
	    when HTTP_REQUEST {
		if {not [info exists auth_pass]} {
		    set auth_sid [AUTH::start pam auth_method_user]
		    AUTH::subscribe $auth_sid
		    set auth_username [HTTP::username]
		    set auth_password [HTTP::password]
		    AUTH::username_credential $auth_sid $auth_username
		    AUTH::password_credential $auth_sid $auth_password
		    AUTH::authenticate $auth_sid
		    set auth_pass 1
		}
	    }
	    when AUTH_RESULT {
		if {[AUTH::status] != 1} {
		    if {$auth_pass == 1} {
			HTTP::respond 401
		    } else {
			reject
		    }
		}
		if {$auth_pass == 1} {
		    array set auth_response_data [AUTH::response_data]
		    set auth_group [lindex [array get auth_response_data ldap
		    AUTH::abort $auth_sid
		    set auth_sid [AUTH::start pam $auth_group]
		    AUTH::username_credential $auth_sid $auth_username
		    AUTH::password_credential $auth_sid $auth_password
		    AUTH::unsubscribe $auth_sid
		    AUTH::authenticate $auth_sid
		    set auth_pass 2
		} else {
		    HTTP::release
		    set auth_pass 3
		}
	    }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-9.0.0 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)