Forum Discussion

Nimbostratus

Oct 26, 2020

401 unauthorized return if header doesn't match

Is there a way I can write an irule so when a GET request comes to a VS on a specific URL: https://abctest1234.com/general/api, if a header value does not match on multiple ClientID such as (ClientID: RealCategory, ClientID: TrueCategory, or ClientID: BlueCategory), we want to return a 401 unauthorize response back to the client?

when HTTP_REQUEST {
	if { [[HTTP::host][HTTP::uri] eq "abctest1234.com/general/api"] && [[HTTP::header value "ClientID"] ne "RealCategory" || [HTTP::header value "ClientID"] ne "TrueCategory" || [HTTP::header value "ClientID"] ne "BlueCategory"]}{
		HTTP::respond 401
	} 
}

Andrew-F5

Employee

Oct 29, 2020

when HTTP_REQUEST {
	if { [[HTTP::host][HTTP::uri] eq "abctest1234.com/general/api"] && [[HTTP::header value "ClientID"] ne "RealCategory" || [HTTP::header value "ClientID"] ne "TrueCategory" || [HTTP::header value "ClientID"] ne "BlueCategory"]}{
		HTTP::respond 401
	} 
}

Tny81
Nimbostratus
Nov 02, 2020
Thanks Andrew! This seems to work.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

401 unauthorized return if header doesn't match

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

The return of DevCentral CodeShare.

https://{{host}}/mgmt/shared/telemetry/info returns 404

how do I detect the rst returned by the server?

Return default favicon.ico

The Disadvantages of DSR (Direct Server Return)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS