Configure named advanced policy expressions

Instead of retyping the same expression multiple times in multiple policies, you can configure a named expression and refer to the name any time you want to use the expression in a policy. For example, you could create the following named expressions:

  • ThisExpression:

    http.req.body(100).contains("this")

  • ThatExpression:

    http.req.body(100).contains("that")

You can then use these named expressions in a policy expression. For example, the following is a legal expression based on the preceding examples:

ThisExpression   ThatExpression

You can use the name of an advanced policy expression as the prefix to a function. The named expression can be either a simple expression or a compound expression. The function must be one that can operate on the type of data that is returned by the named expression.

Example 1: Simple Named Expression as a Prefix

The following simple named expression, which identifies a text string, can be used as a prefix to the AFTER_STR(“<string>“)function, which works with text data:

HTTP.REQ.BODY(1000)

If the name of the expression is top1KB, you can use top1KB.AFTER_STR(“username”) instead of HTTP.REQ.BODY(1000).AFTER_STR(“username”).

Example 2: Compound named expression as a prefix

You can create a compound named expression called basic_header_value to concatenate the user name in a request, a colon (:), and the user’s password, as follows:

add policy expression basic_header_value "HTTP.REQ.USER.NAME + \":\" + HTTP.REQ.USER.PASSWD"

You can then use the name of the expression in a rewrite action, as shown in the following example:

add rewrite action insert_b64encoded_authorization insert_http_header authorization '"Basic " + basic_header_value.b64encode' -bypassSafetyCheck YES

In the example, in the expression that is used to construct the value of the custom header, the B64 encoding algorithm is applied to the string returned by the compound named expression.

You can also use a named expression (either by itself or as a prefix to a function) to create the text expression for the replacement target in a rewrite.

Configure a named default syntax expression by using the CLI

At the command prompt, type the following commands to configure a named expression and verify the configuration:

-  add policy expression \<name\>\<value\>  

-  show policy expression \<name\>  

Example:

> add policy expression myExp "http.req.body(100).contains(\"the other\")"
Done

> show policy expression myExp
    1)      Name: myExp  Expr: "http.req.body(100).contains("the other")"  Hits: 0 Type : ADVANCED
Done

The expression can be up to 1,499 characters.

Configure a named expression by using the GUI

  1. In the navigation pane, expand AppExpert, and then click Expressions.
  2. Click Advanced Expressions.
  3. Click Add.
  4. Enter a name and a description for the expression.
  5. Configure the expression by using the process described in Configure advanced policy expression.  A message in the status bar indicates that the policy expression is configured successfully.