Tag: XML

Datetime and RFC3339 compliance in powershell – a deepdive

A collegue of mine asked if there is a way to output a RFC compliant datetime (https://www.ietf.org/rfc/rfc3339.txt) in powershell without manually formatting in T and Z in the middle and end to comply with ISO standard and imply UTC +-00:00


Before i start with the how, I’d like to address the why.

If you’ve ever done some coding you’re sure to have encountered issues with datettime and possibly errors and incidents due to the timeformat of a datetime string.
For example, if I live in the US then time is commonly written in month-day-year format, which during the first 12 days of each month is indistinguishable from the european day-month-year format.
This is also encountered in code, for example in powershell my locale is Swedish and the “Get-Date” cmdlet returns “den 1 augusti 2018 16:35:24” which is easy and readable for a human.
However if i convert it to a string it becomes in US format even though my culture settings in powershell is set to swedish.
In my opinion this behavior is wrong as I expect to be given a ISO standard universal format, or at least a culture appropriate format. Instead I am given a US format.

With that said, developing automation and tools for global customers a standard format is much needed when we write to logs.

The How

After a short time on google it seems no one had done this properly in powershell. I also found out that XML is RFC compliant.

How did i do it?


Great! Now let’s put it into some real code.

Example 1: Writing current date into a logfile

The output becomes a RFC compliant string and gets stored in the $now variable to be used into a out-file log operation.

Example 2: Writing a job deadline datettime

Here we create a datettime object, add 20 hours and then convert it to a RFC compliant datettime string and store it into the $RFCDeadline variable.

Hope this helps someone!

Filtering list in NetScaler and converting to XML using Policy Extension – v2

As I’ve stated, my knowledge of Lua and development is very limited. My good friend Ulrik pointed out to me that the code I was using (in my previous blog post) wasn’t optimized and helped me get it both faster and easier to understand. It’s actually works better and is about 21 times faster (the last one took about 533 437 nanoseconds/0,5ms to process and the new one takes 25 278 nanoseconds/0,025ms in my tests).

The Lua code:

A few things to note:

  • The last one did actually take the input and match it to lower, so if you entered “Group” instead of “group”, it didn’t work.
  • The processing used another function, which I’ve removed
  • I’ve tested this one with pattern matching for example “SG-AD-SAML-User” etc.

If a user is member of the following groups:
Group1, Group2, Grupp1, Grupp2, SG-AD-SAML-User, SG-AD-SAML-User-Office365, SG-AD-SAML-Admin ABC, SG-AD-SAML-Admin-Office365, SG-AD-Role-Employee

And we want to extract everything that contains -AD-SAML-, we’ll use an expression like this:

This will output all the groups containing “-AD-SAML-” into an XML-list  with the tag “xmltag” like this:
<xmltag>SG-AD-SAML-User<xmltag></xmltag>SG-AD-SAML-User-Office365<xmltag></xmltag>SG-AD-SAML-Admin ABC<xmltag></xmltag>SG-AD-SAML-Admin-Office365</xmltag>

As always, please leave a comment if you have any feedback!

Filtering list in NetScaler and converting to XML using Policy Extension

UPDATE: Updated the Lua-code, which seems to work better and is about 21 times faster. Big thanks to Ulrik! You can find the updated code here.

There was a question on the Citrix discussion forums where an administrator wants to output the groups a user is member of in a SAML Assertion, but with the caveat that only groups with a specific names should be included.

In this case the following expression is usually used: HTTP.REQ.USER.GROUPS_AS_XML(“xmltag”)

I was thinking about it and couldn’t figure out what the easiest way to do this was, so I started thinking about Lua since it’s extremely flexible and it’s fun learning new stuff. (the NetScaler developers helped me last time with a bug in the JSON-parser – see this post.)

Since I’m no developer myself, and my Lua-knowledge is very limited (at best), I started trying it out using an example Citrix have written.

The result:

When you’ve imported the policy extension, you can use it like this:

In my case, the output for HTTP.REQ.USER.GROUPS would be:

When using the policy extension, the output is:

Now remember, the above is an example and should as always be tested (and most likely optimized) before being used in production. But it works (at least in my lab) and it’s really cool to be able to modify the functionality of NetScaler this easliy.

Do you know of any way to do this without policy extensions? Or do you know Lua and there’s a better way of doing the policy extension?