ltm rule event ACCESS ACL ALLOWED
iRule(1) BIG-IP TMSH Manual iRule(1)
ACCESS_ACL_ALLOWED
This event is triggered when a resource request passes the access control criteria and is allowed to go
through the ACCESS filter.
DESCRIPTION
This is triggered when a resource request passes the access control criteria and is allowed to go through the
ACCESS filter. This event is only triggered for the resource requests and does not trigger for internal access
control URIs (my.policy etc.) This event is a notification to the administrator that a resource request is
being allowed to go through in the network.
You can use this event to evaluate custom logic which is not supported natively in an ACL. For example you
could further limit the access based on some specific session variables or some rate control or some HTTP/SSL
properties of the user.
Administrators can use commands to get and set session variables in this event or use commands to enforce more
ACLs in addition to TCP/SSL/HTTP iRule commands.
Examples
Evaluate an additional ACL rule
when ACCESS_ACL_ALLOWED {
ACCESS::acl eval "additional_acl"
}
Insert a session variable into an HTTP header (the username in this example):
when ACCESS_ACL_ALLOWED {
set user [ACCESS::session data get "session.logon.last.username"]
HTTP::header insert "X-USERNAME" $user
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-10.1.0 --First introduced the event. --Requires APM module
BIG-IP 2020-06-23 iRule(1)