ADC CLI Commands

policy-httpCallout

The following operations can be performed on “policy-httpCallout”:

add rm set unset show

add policy httpCallout

Adds an expression element that, when evaluated, sends an HTTP request to a specified service and receives an HTTP response from the service. Can be used to obtain additional information for use in evaluating policy rules and other expressions. The expression prefix SYS.HTTP_CALLOUT invokes an HTTP callout. You can construct the HTTP callout request in one of two ways:

  • Specify individual parts of the request by using the HTTP method, host expression, URL stem expression, and header parameters. These parts are evaluated at run time and concatenated to build the request.
  • Specify the entire HTTP request in a single expression.

Synopsis

add policy httpCallout \[-IPAddress <ip\_addr|ipv6\_addr>] \[-port ] \[-vServer ] \[-returnType ] \[-httpMethod \( GET | POST )] \[-hostExpr ] \[-urlStemExpr ] \[-headers <name\(value)> ...] \[-parameters <name\(value)> ...] \[-bodyExpr ] \[-fullReqExpr ] \[-scheme \( http | https )] \[-resultExpr ] \[-cacheForSecs ] \[-comment ]

Arguments

name Name for the HTTP callout. Not case sensitive. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Must not begin with ‘re’ or ‘xp’ or be a word reserved for use as an expression qualifier prefix (such as HTTP) or enumeration value (such as ASCII). Must not be the name of an existing named expression, pattern set, dataset, stringmap, or HTTP callout.

IPAddress IP Address of the server (callout agent) to which the callout is sent. Can be an IPv4 or IPv6 address. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.

port Server port to which the HTTP callout agent is mapped. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout. Minimum value: 1

vServer Name of the load balancing, content switching, or cache redirection virtual server (the callout agent) to which the HTTP callout is sent. The service type of the virtual server must be HTTP. Mutually exclusive with the IP address and port parameters. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.

returnType Type of data that the target callout agent returns in response to the callout. Available settings function as follows:

  • TEXT - Treat the returned value as a text string.
  • NUM - Treat the returned value as a number.
  • BOOL - Treat the returned value as a Boolean value. Note: You cannot change the return type after it is set.

Possible values: BOOL, NUM, TEXT

httpMethod Method used in the HTTP request that this callout sends. Mutually exclusive with the full HTTP request expression.

Possible values: GET, POST

hostExpr String expression to configure the Host header. Can contain a literal value (for example, 10.101.10.11) or a derived value (for example, http.req.header(“Host”)). The literal value can be an IP address or a fully qualified domain name. Mutually exclusive with the full HTTP request expression.

urlStemExpr String expression for generating the URL stem. Can contain a literal string (for example, “/mysite/index.html”) or an expression that derives the value (for example, http.req.url). Mutually exclusive with the full HTTP request expression.

headers One or more headers to insert into the HTTP request. Each header is specified as “name(expr)”, where expr is an expression that is evaluated at runtime to provide the value for the named header. You can configure a maximum of eight headers for an HTTP callout. Mutually exclusive with the full HTTP request expression.

parameters One or more query parameters to insert into the HTTP request URL (for a GET request) or into the request body (for a POST request). Each parameter is specified as “name(expr)”, where expr is an expression that is evaluated at run time to provide the value for the named parameter (name=value). The parameter values are URL encoded. Mutually exclusive with the full HTTP request expression.

bodyExpr An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.

fullReqExpr Exact HTTP request, in the form of an expression, which the Citrix ADC sends to the callout agent. If you set this parameter, you must not include HTTP method, host expression, URL stem expression, headers, or parameters. The request expression is constrained by the feature for which the callout is used. For example, an HTTP.RES expression cannot be used in a request-time policy bank or in a TCP content switching policy bank. The Citrix ADC does not check the validity of this request. You must manually validate the request.

scheme Type of scheme for the callout server.

Possible values: http, https

resultExpr Expression that extracts the callout results from the response sent by the HTTP callout agent. Must be a response based expression, that is, it must begin with HTTP.RES. The operations in this expression must match the return type. For example, if you configure a return type of TEXT, the result expression must be a text based expression. If the return type is NUM, the result expression (resultExpr) must return a numeric value, as in the following example: http.res.body(10000).length.

cacheForSecs Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named “calloutContentGroup”. If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies. Minimum value: 1 Maximum value: 31536000

comment Any comments to preserve information about this HTTP callout.

Example

add policy httpcallout h1 -IPAddress 1.1.1.1 -PORT 80

rm policy httpCallout

Removes an HTTP callout. You cannot remove an HTTP callout that is used in any part of policy, action, or expression.

Synopsis

rm policy httpCallout

Arguments

name Name of the HTTP callout to remove.

Example

rm policy httpcallout h1

set policy httpCallout

Modifies the attributes of an existing HTTP callout element.

Synopsis

set policy httpCallout \[-IPAddress <ip\_addr|ipv6\_addr>] \[-port ] \[-vServer ] \[-returnType ] \[-httpMethod \( GET | POST )] \[-hostExpr ] \[-urlStemExpr ] \[-headers <name\(value)> ...] \[-parameters <name\(value)> ...] \[-bodyExpr ] \[-fullReqExpr ] \[-scheme \( http | https )] \[-resultExpr ] \[-cacheForSecs ] \[-comment ]

Arguments

name Name of the HTTP callout to configure.

IPAddress IP Address of the server (callout agent) to which the callout is sent. Can be an IPv4 or IPv6 address. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.

port Server port to which the HTTP callout agent is mapped. Mutually exclusive with the Virtual Server parameter. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout. Minimum value: 1

vServer Name of the load balancing, content switching, or cache redirection virtual server (the callout agent) to which the HTTP callout is sent. The service type of the virtual server must be HTTP. Mutually exclusive with the IP address and port parameters. Therefore, you cannot set the <IP Address, Port> and the Virtual Server in the same HTTP callout.

returnType Type of data that the target callout agent returns in response to the callout. Available settings function as follows:

  • TEXT - Treat the returned value as a text string.
  • NUM - Treat the returned value as a number.
  • BOOL - Treat the returned value as a Boolean value. Note: You cannot change the return type after it is set.

Possible values: BOOL, NUM, TEXT

httpMethod Method used in the HTTP request that this callout sends. Mutually exclusive with the full HTTP request expression.

Possible values: GET, POST

hostExpr String expression to configure the Host header. Can contain a literal value (for example, 10.101.10.11) or a derived value (for example, http.req.header(“Host”)). The literal value can be an IP address or a fully qualified domain name. Mutually exclusive with the full HTTP request expression.

urlStemExpr String expression for generating the URL stem. Can contain a literal string (for example, “/mysite/index.html”) or an expression that derives the value (for example, http.req.url). Mutually exclusive with the full HTTP request expression.

headers One or more headers to insert into the HTTP request. Each header is specified as “name(expr)”, where expr is an expression that is evaluated at runtime to provide the value for the named header. You can configure a maximum of eight headers for an HTTP callout. Mutually exclusive with the full HTTP request expression.

parameters One or more query parameters to insert into the HTTP request URL (for a GET request) or into the request body (for a POST request). Each parameter is specified as “name(expr)”, where expr is an expression that is evaluated at run time to provide the value for the named parameter (name=value). The parameter values are URL encoded. Mutually exclusive with the full HTTP request expression.

bodyExpr An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.

fullReqExpr Exact HTTP request, in the form of an expression, which the Citrix ADC sends to the callout agent. If you set this parameter, you must not include HTTP method, host expression, URL stem expression, headers, or parameters. The request expression is constrained by the feature for which the callout is used. For example, an HTTP.RES expression cannot be used in a request-time policy bank or in a TCP content switching policy bank. The Citrix ADC does not check the validity of this request. You must manually validate the request.

scheme Type of scheme for the callout server.

Possible values: http, https

resultExpr Expression that extracts the callout results from the response sent by the HTTP callout agent. Must be a response based expression, that is, it must begin with HTTP.RES. The operations in this expression must match the return type. For example, if you configure a return type of TEXT, the result expression must be a text based expression. If the return type is NUM, the result expression (resultExpr) must return a numeric value, as in the following example: http.res.body(10000).length.

cacheForSecs Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named “calloutContentGroup”. If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies. Minimum value: 1 Maximum value: 31536000

comment Any comments to preserve information about this HTTP callout.

Example

set policy httpcallout h1 -IPAddress 1.1.1.1 -PORT 80

unset policy httpCallout

Use this command to remove policy httpCallout settings.Refer to the set policy httpCallout command for meanings of the arguments.

Synopsis

unset policy httpCallout [-IPAddress] [-port] [-vServer] [-httpMethod] [-hostExpr] [-urlStemExpr] [-headers] [-parameters] [-bodyExpr] [-fullReqExpr] [-resultExpr] [-cacheForSecs] [-comment]

show policy httpCallout

Displays information about the configured HTTP callouts.

Synopsis

show policy httpCallout []

Arguments

name Name of the HTTP callout to display. If a name is not provided, information about all configured HTTP callouts is shown.

Output

stateflag IPAddress Server IP address.

port Server port.

vServer Vserver name

returnType Return type of the http callout

scheme Type of scheme(HTTP/HTTPS) for the callout server

httpMethod Http callout request type

hostExpr PI string expression for Host

urlStemExpr PI string expression for URL stem

headers PI string expression for request http headers

parameters PI string expression for request query parameters

fullReqExpr PI string expression for full http callout request

resultExpr PI string expression for http callout response

hits Total hits

undefHits Total undefs

svrState The state of the service

effectiveState The effective state of the service

undefReason Reason for last undef

recursiveCallout Number of recursive callouts

bodyExpr An advanced string expression for generating the body of the request. The expression can contain a literal string or an expression that derives the value (for example, client.ip.src). Mutually exclusive with -fullReqExpr.

cacheForSecs Duration, in seconds, for which the callout response is cached. The cached responses are stored in an integrated caching content group named “calloutContentGroup”. If no duration is configured, the callout responses will not be cached unless normal caching configuration is used to cache them. This parameter takes precedence over any normal caching configuration that would otherwise apply to these responses. Note that the calloutContentGroup definition may not be modified or removed nor may it be used with other cache policies.

comment Any comments to preserve information about this HTTP callout.

gslbBindings Number of times expression is being used in the GSLB config.

devno count

Example

show policy httpcallout h1

policy-httpCallout