ltm rule event ACCESS ACL ALLOWED

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



ACCESS_ACL_ALLOWED
       This event is triggered when a resource request passes the access
       control criteria and is allowed to go through the ACCESS filter.

DESCRIPTION
       This is triggered when a resource request passes the access control
       criteria and is allowed to go through the ACCESS filter. This event is
       only triggered for the resource requests and does not trigger for
       internal access control URIs (my.policy etc.) This event is a
       notification to the administrator that a resource request is being
       allowed to go through in the network.

       You can use this event to evaluate custom logic which is not supported
       natively in an ACL. For example you could further limit the access
       based on some specific session variables or some rate control or some
       HTTP/SSL properties of the user.

       Administrators can use commands to get and set session variables in
       this event or use commands to enforce more ACLs in addition to
       TCP/SSL/HTTP iRule commands.

Examples
	Evaluate an additional ACL rule
	when ACCESS_ACL_ALLOWED {
	    ACCESS::acl eval "additional_acl"
	}

	Insert a session variable into an HTTP header (the username in this example):
	when ACCESS_ACL_ALLOWED {
	    set user [ACCESS::session data get "session.logon.last.username"]
	    HTTP::header insert "X-USERNAME" $user
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-10.1.0 --First introduced the event.  --Requires APM module



BIG-IP				  2017-01-31			      iRule(1)