Authentication commands
Authentication (AUTH) commands contain functions related to authentication and login:
AUTH:get_baked_cookie() — Allows you to retrieve the baked cookie.
AUTH:set_baked_cookie(cookie) — Allows you to customize the cookie attribute of the baked cookie.
AUTH:on_off() — Returns whether authentication is required or not.
AUTH:success() — Returns whether authentication is successful or not.
AUTH:form_based() — Returns whether the authentication is HTTP form based or not.
AUTH:user() — Returns the user name in the authentication.
AUTH:pass() — Returns the password in the authentication.
AUTH:usergroup() — Returns the usergroup which the user belong to.
AUTH:realm() — Returns the realm in the authentication.
AUTH:host() — Returns the host in the authentication.
AUTH:set_usergroup() — Sets a new user group that is configured in the current authentication policy.
AUTH:get_baked_cookie()
Allows you to retrieve the baked cookie.
Syntax
AUTH:get_baked_cookie();
Arguments
N/A
Example
when COOKIE_BAKE { cookie = AUTH:get_baked_cookie() debug(“Get cookie: %s\r\n”, cookie) } Result: Get cookie: Set-Cookie: FortiADCauthSI=lfGnC2gsl7xsbAg4JFs94e4CJfFXaP3U5z6QHvo7n08cCoT5MdtQog2LmcizPo3aRiBHY/RThhocqG+DdnvsCLFJh3nBUoLeuYjGK9lY5L4=|W86hXGg; expires=Tue 23 Oct 2018 04:19:45 GMT; domain=10.1.0.99; path=/
FortiADC version: V5.2
Used in events: AUTH_RESULT
AUTH:set_baked_cookie(cookie)
Allows you to customize the cookie attribute of the baked cookie.
Syntax
AUTH:set_baked_cookie(cookie);
Arguments
Name | Description |
---|---|
cookie |
A string which specifies the baked cookie. |
Example
when COOKIE_BAED { cookie = AUTH:get_baked_cookie() new_cookie = cookie..”; Mick-Test:123444444” status = AUTH:set_baked_cookie(new_cookie) debug(“Set baked cookie, status: %s\n”, status) } Result: Set baked cookie, status: true
FortiADC version: V5.2
Used in events: AUTH_RESULT
AUTH:on_off()
Returns whether authentication is required or not.
Syntax
AUTH:on_off();
Arguments
N/A
Example
when AUTH_RESULT { on_off = AUTH:on_off() succ = AUTH:success() fm = AUTH:form_based() user = AUTH:user() pass = AUTH:pass() userg = AUTH:usergroup() realm = AUTH:realm() host = AUTH:host() debug(“authentication form based %s, on_off %s, success %s, the user %s, pass %s, realm %s, the usergroup %s, host %s\n”, fm, on_off, succ, the user, pass, realm, the userg, host) } Result: authentication form based true, on_off true, success true, the user test, pass test, realm Form333333, the userg test, host 10.1.0.99
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:success()
Returns whether authentication is successful or not.
Syntax
AUTH:success();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:form_based()
Returns whether the authentication is HTTP form based or not.
Syntax
AUTH:form_based();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:user()
Returns the user name in the authentication.
Syntax
AUTH:user();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:pass()
Returns the password in the authentication.
Syntax
AUTH:pass();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:usergroup()
Returns the user group which the user belong to.
Syntax
AUTH:usergroup();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:realm()
Returns the realm in the authentication.
Syntax
AUTH:realm();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:host()
Returns the host in the authentication.
Syntax
AUTH:host();
Arguments
N/A
Example
Please refer to command AUTH:on_off() example.
FortiADC version: V5.2
Used in events: AUTH_RESULT / HTTP_REQUEST / HTTP_DATA_REQUEST / HTTP_RESPONSE / HTTP_DATA_RESPONSE
AUTH:set_usergroup()
Sets a new user group that is configured in the current authentication policy. A new realm can also be set at the same time. It returns true if successful, otherwise, false. A realm name and a user group name are needed as input parameters.
The user group specified by the function must be in the authentication policy referenced by the VS. The result specified by the new user group will override the authentication result of the original authentication policy.
Syntax
AUTH:set_usergroup(“RealmName”, "UserGroupName");
Arguments
Name | Description |
---|---|
RealmName |
The name of the new realm to be set. (Lua string with maximum length of 63). |
UserGroupName |
The name of the user group to be set. (Lua string with maximum length of 63, must also comply with original definition of user group). |
Example
when BEFORE_AUTH { r = AUTH:set_usergroup(“Realm02”, "UserGroup02"); debug("set_usergroup successfully? %s\n", tostring(r)); }
FortiADC version: V7.2
Used in events: BEFORE_AUTH