Forum Discussion
randylee168
Nimbostratus
Nimbostratus"ACCESS::disable" - doesn't work when try to bypass Access Policy with an iRule below:
Hello, we are using APM module in F5, there is an existing iRule defined that force all the front end users to use smartcard when access the F5. So we are trying to bypass the "Access Policy" using "ACCESS::disable" for some of the resources below, however, none of them work, can you please let me know if anything wrong below? Per
https://community.f5.com/discussions/technicalforum/forwarding-requests-to-apm-based-on-uri-/67707 it should work! Thanks! Very appreciate your help!
boneyardMVP
are you sure the path matches the string you use? easy way is to add an log local0. "string to hit" to check it matches what you think.
also the other question you mention adds some things to be case insentive: switch -glob [string tolower [HTTP::path]]
randylee168Thanks! Yes, i am 100% sure the path match/correct, and it shows in the logs. try "switch -glob [string tolower [HTTP::path]] " does not work either. But if we switch the "ACCESS::enable" to "ACCESS::disable" and "ACCESS::disable" to "ACCESS::enable" . the funcationality work as expected, the path really "enable" .... but that is not what we want. so i think there is bug with "ACCESS::disable". thank!!
- randylee168
not sure why this "Mark as Solution" since it does not work, again, the "ACCESS::enable" work very well, but "ACCESS::disable" does not work if it is not in "default" , any suggestion? thanks
mrdragoshAltocumulus
any update on this?
- zamroni777
Nacreous
the url paths in your code are exact match.
if the logic that you need is "starts with", then you need to use other mechanism, e.g. use "if" and "string first"
