ltm rule event ACCESS SAML SLO RESPΒΆ

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



ACCESS_SAML_SLO_RESP
       This event is triggered when the SAML single logout response payload is
       generated for a user session.

DESCRIPTION
       This event is triggered when the SAML single logout response payload is
       generated and before it is signed for a user session by BIG-IP as
       service provider or identity provider. Admin can use this event to view
       and make modifications to the generated SAML single logout response
       payload. Admin can use ACCESS::saml slo_resp command to extract and
       modify SAML single logout response.

Examples
	when ACCESS_SAML_SLO_RESP {
		# Variable slo_response is set to the SAML single logout response payload generated.
		set slo_response [ ACCESS::saml slo_resp ]
		# The value set in variable slo_response is logged.
		log -noname accesscontrol.local1.notice "SLO Response before modification: $slo_response"
		# The variable slo_response is copied to variable new_slo_response.
		set new_slo_response $slo_response
		# regsub is used to insert 'StatusMessage' element within 'Status' element in new_slo_response.
		regsub -all {} $new_slo_response " logout is successful" new_slo_response
		# Variable new_slo_response is set as the SAML single logout response to be processed and forwarded.
		ACCESS::saml slo_resp $new_slo_response
		# The value set in variable new_slo_response is logged.
		log -noname accesscontrol.local1.notice "SLO Response after modification: $new_slo_response"
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-14.1.0 --First introduced the event.



BIG-IP				  2019-05-10			      iRule(1)