Skip to content
Was this article helpful?

AAA_USER_T


Represents the AAA User Information.

This topic lists the expressions that are provided by this class.

ATTRIBUTE (uint index)

Returns USER's attribute stored at a given index.
For example: HTTP.REQ.USER.ATTRIBUTE(1) gives the value of a previously extracted attribute that is stored as 'attribute1'. Index range is between 1 and 16, both included.

Parameters:

index- offset

Returns: text_t


ATTRIBUTE (text_t name)

Returns USER's attribute stored with a given name.
For example: HTTP.REQ.USER.ATTRIBUTE("name") gives the value of a previously extracted attribute that is stored as 'attribute["name"]'.

Parameters:

name- name used for extracting corresponding attribute value

Returns: text_t


AUTH_STRENGTH

Returns an integer that represents the strength of authentication of the current user session.

Returns: num_at


DOMAIN

Returns the Domain of the user.

Returns: text_t


EXTERNAL_GROUPS

Operate as a List on the External Groups which is seperated by ','.
For example: HTTP.REQ.USER.EXTERNAL_GROUPS gives list of all groups which are ',' seperated.

Returns: list_t


EXTERNAL_GROUPS (char sep)

Operate as a List on the Group which is seperated by given delimiter.
For example: HTTP.REQ.USER.EXTERNAL_GROUPS(':') gives list of all external groups which are ':' seperated.

Parameters (expressions not allowed):

sep- delimiter

Returns: list_t


GROUPS

Operate as a List on the Group which is seperated by ','.
For example: HTTP.REQ.USER.GROUPS gives list of all groups which are ',' seperated. In this list first internal groups are listed which are followed by external groups.

Returns: list_t


GROUPS_AS_XML (text_t tag)

Gives the list of groups in a SAML assertion multi-attribute format, each enclosed by an element that has the specified tagname.
For example: HTTP.REQ.USER.GROUPS_AS_XML("mytagname"): the expression will return a list of groups in the following format - financeengg In this example, finance, engg are the group names.

Parameters:

tag- tagname

Returns: text_t


GROUPS (char sep)

Operate as a List on the Group which is seperated by given delimiter.
For example: HTTP.REQ.USER.GROUPS(':') gives list of all groups which are ':' seperated. In this list first internal groups are listed which are followed by external groups.

Parameters (expressions not allowed):

sep- delimiter

Returns: list_t


INTERNAL_GROUPS

Operate as a List on the Group which is seperated by ','.
For example: HTTP.REQ.USER.INTERNAL_GROUPS gives list of all groups which are ',' seperated.

Returns: list_t


INTERNAL_GROUPS (char sep)

Operate as a List on the Group which is seperated by given delimiter.
For example: HTTP.REQ.USER.INTERNAL_GROUPS(':') gives list of all internal groups which are ':' seperated.

Parameters (expressions not allowed):

sep- delimiter

Returns: list_t


IS_MEMBER_OF_ALL (text_t patset_name)

Returns TRUE if all patterns(group string) of the patset matches user's groups in session

Parameters (expressions not allowed):

patset_name- patset Name

Returns: bool_at


IS_MEMBER_OF_ANY (text_t patset_name)

Returns TRUE if there is at least one pattern(group string) of the patset matches user's groups in session

Parameters (expressions not allowed):

patset_name- patset Name

Returns: bool_at


IS_MEMBER_OF (text_t group_name)

Returns TRUE if the user is a member of the group group_name

Parameters (expressions not allowed):

group_name- Group Name

Returns: bool_at


LOGIN_ATTEMPTS

Return the number of failed login attempts for the current user. User name is extracted from current authentication process.

Returns: num_at


LOGIN_ATTEMPTS (text_t username)

Return the number of failed login attempts for the given user.

Parameters (expressions not allowed):

username- the name of the user to get the information for.

Returns: num_at


LOGIN_NAME

Returns the NAME that is provided by user at the time of login.

Returns: text_t


NAME

Returns the NAME of the user. This is the name used by user for login unless it is overriden by name from external authentication server.

Returns: text_t


OAUTHIDP_CC_FLOW

Returns true if the AAA session is in the OAuth IDP CC Flow. This is used during authentication of the user when the AAA server acts as an IDP and the Relaying Party is Citrix Cloud. Note that this expression works only if the corresponding OAuth IDP profile is configured with a default group.

Returns: bool_at


OAUTHIDP_FLOW

Returns true if the AAA session is in the OAuth IDP Flow. This is used during authentication of the user when the AAA server acts as an IDP. Note that this expression works only if the corresponding OAuth IDP profile is configured with a default group.

Returns: bool_at


PASSWD

Returns the PASSWORD of the user.

Returns: text_t


SAMLIDP_FLOW

Returns true if the AAA session is in the SAML IDP Flow. This is used during authentication of the user when the AAA server acts as an IDP. Note that this expression works only if the corresponding SAML IDP profile is configured with a default group.

Returns: bool_at


SESSIONID

Returns the Session ID of the user.

Returns: text_t


Was this article helpful?