policy-httpCallout¶
The following operations can be performed on "policy-httpCallout":
add policy httpCallout¶
Adds an expression element that, when evaluated, sends an HTTP request to a specified service and receives an HTTP response from the service. Can be used to obtain additional information for use in evaluating policy rules and other expressions. The expression prefix SYS.HTTP_CALLOUT invokes an HTTP callout. You can construct the HTTP callout request in one of two ways: * Specify individual parts of the request by using the HTTP method, host expression, URL stem expression, and header parameters. These parts are evaluated at run time and concatenated to build the request. * Specify the entire HTTP request in a single expression.
Synopsis¶
add policy httpCallout <name> [-IPAddress <ip_addr|ipv6_addr>] [-port <port>] [-vServer <string>] [-returnType <returnType>] [-httpMethod ( GET | POST )] [-hostExpr <expression>] [-urlStemExpr <expression>] [-headers <name(value)> ...] [-parameters <name(value)> ...] [-bodyExpr <expression>] [-fullReqExpr <expression>] [-scheme ( http | https )] [-resultExpr <expression>] [-cacheForSecs <secs>] [-comment <string>]
Arguments¶
name
Name for the HTTP callout. Not case sensitive. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Must not begin with 're' or 'xp' or be a word reserved for use as an expression qualifier prefix (such as HTTP) or enumeration value (such as ASCII). Must not be the name of an existing named expression, pattern set, dataset, stringmap, or HTTP callout.
IPAddress
IP Address of the server (callout agent) to which the callout is sent. Can be an IPv4 or IPv6 address. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.
port
Server port to which the HTTP callout agent is mapped. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout. Minimum value: 1
vServer
Name of the load balancing, content switching, or cache redirection virtual server (the callout agent) to which the HTTP callout is sent. The service type of the virtual server must be HTTP. Mutually exclusive with the IP address and port parameters. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.
returnType
Type of data that the target callout agent returns in response to the callout. Available settings function as follows: * TEXT - Treat the returned value as a text string. * NUM - Treat the returned value as a number. * BOOL - Treat the returned value as a Boolean value. Note: You cannot change the return type after it is set.
Possible values: BOOL, NUM, TEXT
httpMethod
Method used in the HTTP request that this callout sends. Mutually exclusive with the full HTTP request expression.
Possible values: GET, POST
hostExpr
String expression to configure the Host header. Can contain a literal value (for example, 10.101.10.11) or a derived value (for example, http.req.header("Host")). The literal value can be an IP address or a fully qualified domain name. Mutually exclusive with the full HTTP request expression.
urlStemExpr
String expression for generating the URL stem. Can contain a literal string (for example, "/mysite/index.html") or an expression that derives the value (for example, http.req.url). Mutually exclusive with the full HTTP request expression.
headers
One or more headers to insert into the HTTP request. Each header is specified as "name(expr)", where expr is an expression that is evaluated at runtime to provide the value for the named header. You can configure a maximum of eight headers for an HTTP callout. Mutually exclusive with the full HTTP request expression.
parameters
One or more query parameters to insert into the HTTP request URL (for a GET request) or into the request body (for a POST request). Each parameter is specified as "name(expr)", where expr is an expression that is evaluated at run time to provide the value for the named parameter (name=value). The parameter values are URL encoded. Mutually exclusive with the full HTTP request expression.
bodyExpr
An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.
fullReqExpr
Exact HTTP request, in the form of an expression, which the Citrix ADC sends to the callout agent. If you set this parameter, you must not include HTTP method, host expression, URL stem expression, headers, or parameters. The request expression is constrained by the feature for which the callout is used. For example, an HTTP.RES expression cannot be used in a request-time policy bank or in a TCP content switching policy bank. The Citrix ADC does not check the validity of this request. You must manually validate the request.
scheme
Type of scheme for the callout server.
Possible values: http, https
resultExpr
Expression that extracts the callout results from the response sent by the HTTP callout agent. Must be a response based expression, that is, it must begin with HTTP.RES. The operations in this expression must match the return type. For example, if you configure a return type of TEXT, the result expression must be a text based expression. If the return type is NUM, the result expression (resultExpr) must return a numeric value, as in the following example: http.res.body(10000).length.
cacheForSecs
Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named "calloutContentGroup". If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies. Minimum value: 1 Maximum value: 31536000
comment
Any comments to preserve information about this HTTP callout.
Example¶
add policy httpcallout h1 -IPAddress 1.1.1.1 -PORT 80
rm policy httpCallout¶
Removes an HTTP callout. You cannot remove an HTTP callout that is used in any part of policy, action, or expression.
Synopsis¶
rm policy httpCallout <name>
Arguments¶
name
Name of the HTTP callout to remove.
Example¶
rm policy httpcallout h1
set policy httpCallout¶
Modifies the attributes of an existing HTTP callout element.
Synopsis¶
set policy httpCallout <name> [-IPAddress <ip_addr|ipv6_addr>] [-port <port>] [-vServer <string>] [-returnType <returnType>] [-httpMethod ( GET | POST )] [-hostExpr <expression>] [-urlStemExpr <expression>] [-headers <name(value)> ...] [-parameters <name(value)> ...] [-bodyExpr <expression>] [-fullReqExpr <expression>] [-scheme ( http | https )] [-resultExpr <expression>] [-cacheForSecs <secs>] [-comment <string>]
Arguments¶
name
Name of the HTTP callout to configure.
IPAddress
IP Address of the server (callout agent) to which the callout is sent. Can be an IPv4 or IPv6 address. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.
port
Server port to which the HTTP callout agent is mapped. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout. Minimum value: 1
vServer
Name of the load balancing, content switching, or cache redirection virtual server (the callout agent) to which the HTTP callout is sent. The service type of the virtual server must be HTTP. Mutually exclusive with the IP address and port parameters. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.
returnType
Type of data that the target callout agent returns in response to the callout. Available settings function as follows: * TEXT - Treat the returned value as a text string. * NUM - Treat the returned value as a number. * BOOL - Treat the returned value as a Boolean value. Note: You cannot change the return type after it is set.
Possible values: BOOL, NUM, TEXT
httpMethod
Method used in the HTTP request that this callout sends. Mutually exclusive with the full HTTP request expression.
Possible values: GET, POST
hostExpr
String expression to configure the Host header. Can contain a literal value (for example, 10.101.10.11) or a derived value (for example, http.req.header("Host")). The literal value can be an IP address or a fully qualified domain name. Mutually exclusive with the full HTTP request expression.
urlStemExpr
String expression for generating the URL stem. Can contain a literal string (for example, "/mysite/index.html") or an expression that derives the value (for example, http.req.url). Mutually exclusive with the full HTTP request expression.
headers
One or more headers to insert into the HTTP request. Each header is specified as "name(expr)", where expr is an expression that is evaluated at runtime to provide the value for the named header. You can configure a maximum of eight headers for an HTTP callout. Mutually exclusive with the full HTTP request expression.
parameters
One or more query parameters to insert into the HTTP request URL (for a GET request) or into the request body (for a POST request). Each parameter is specified as "name(expr)", where expr is an expression that is evaluated at run time to provide the value for the named parameter (name=value). The parameter values are URL encoded. Mutually exclusive with the full HTTP request expression.
bodyExpr
An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.
fullReqExpr
Exact HTTP request, in the form of an expression, which the Citrix ADC sends to the callout agent. If you set this parameter, you must not include HTTP method, host expression, URL stem expression, headers, or parameters. The request expression is constrained by the feature for which the callout is used. For example, an HTTP.RES expression cannot be used in a request-time policy bank or in a TCP content switching policy bank. The Citrix ADC does not check the validity of this request. You must manually validate the request.
scheme
Type of scheme for the callout server.
Possible values: http, https
resultExpr
Expression that extracts the callout results from the response sent by the HTTP callout agent. Must be a response based expression, that is, it must begin with HTTP.RES. The operations in this expression must match the return type. For example, if you configure a return type of TEXT, the result expression must be a text based expression. If the return type is NUM, the result expression (resultExpr) must return a numeric value, as in the following example: http.res.body(10000).length.
cacheForSecs
Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named "calloutContentGroup". If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies. Minimum value: 1 Maximum value: 31536000
comment
Any comments to preserve information about this HTTP callout.
Example¶
set policy httpcallout h1 -IPAddress 1.1.1.1 -PORT 80
unset policy httpCallout¶
Use this command to remove policy httpCallout settings.Refer to the set policy httpCallout command for meanings of the arguments.
Synopsis¶
unset policy httpCallout <name> [-IPAddress] [-port] [-vServer] [-httpMethod] [-hostExpr] [-urlStemExpr] [-headers] [-parameters] [-bodyExpr] [-fullReqExpr] [-resultExpr] [-cacheForSecs] [-comment]
show policy httpCallout¶
Displays information about the configured HTTP callouts.
Synopsis¶
show policy httpCallout [<name>]
Arguments¶
name
Name of the HTTP callout to display. If a name is not provided, information about all configured HTTP callouts is shown.
Output¶
stateflag
IPAddress
Server IP address.
port
Server port.
vServer
Vserver name
returnType
Return type of the http callout
scheme
Type of scheme(HTTP/HTTPS) for the callout server
httpMethod
Http callout request type
hostExpr
PI string expression for Host
urlStemExpr
PI string expression for URL stem
headers
PI string expression for request http headers
parameters
PI string expression for request query parameters
fullReqExpr
PI string expression for full http callout request
resultExpr
PI string expression for http callout response
hits
Total hits
undefHits
Total undefs
svrState
The state of the service
effectiveState
The effective state of the service
undefReason
Reason for last undef
recursiveCallout
Number of recursive callouts
bodyExpr
An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.
cacheForSecs
Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named "calloutContentGroup". If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies.
comment
Any comments to preserve information about this HTTP callout.
gslbBindings
Number of times expression is being used in the GSLB config.
devno
count
Example¶
show policy httpcallout h1