Forum Discussion
Access allowed when it should be denied
Hi guys
I'm implementing APM in a customer environment and now we caught in a problem that the customer has an URL that I use APM to authenticate and then check the group, if the group is approved the access will be permitted. It's working as expected too. But, if another user try to log in to the application using the same machine the access is allowed even the user isn't inside the permitted group.
Is possible to check this again ?
- Luiz_Guimaraes_Nimbostratus
Hi Niels, I did it and works fine. But the problem still persist when I call another URI in the same HTTP_HOST using the same browser. Someone said that I need to configure V2V (Virtual-to-Virtual) using 1 VIP LTM with iRule redirecting to the other virtual.
My irule has a switch statement and its works as expected, but when it goes to redirect to the /my.policy to authenticate, the traffic is denied because the iRule is validated again and the new URI is not defined there.
Do you have any suggestion?
Tks
Luiz
Strange. APM uses session based cookies. When successfully authenticated it is limited to the scope of a specific browser session. What happens if you open different browser types (IE, Firefox, Chrome) and login to APM? The expected behavior would be that you have to login once for each browser.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com