Forum Discussion
"ACCESS::disable" - doesn't work when try to bypass Access Policy with an iRule below:
Hello, we are using APM module in F5, there is an existing iRule defined that force all the front end users to use smartcard when access the F5. So we are trying to bypass the "Access Policy" using "ACCESS::disable" for some of the resources below, however, none of them work, can you please let me know if anything wrong below? Per
https://community.f5.com/discussions/technicalforum/forwarding-requests-to-apm-based-on-uri-/67707 it should work! Thanks! Very appreciate your help!
- zamroni777Nacreous
the url paths in your code are exact match.
if the logic that you need is "starts with", then you need to use other mechanism, e.g. use "if" and "string first" - mrdragoshAltocumulus
any update on this?
are you sure the path matches the string you use? easy way is to add an log local0. "string to hit" to check it matches what you think.
also the other question you mention adds some things to be case insentive: switch -glob [string tolower [HTTP::path]]
- randylee168Nimbostratus
Thanks! Yes, i am 100% sure the path match/correct, and it shows in the logs. try "switch -glob [string tolower [HTTP::path]] " does not work either. But if we switch the "ACCESS::enable" to "ACCESS::disable" and "ACCESS::disable" to "ACCESS::enable" . the funcationality work as expected, the path really "enable" .... but that is not what we want. so i think there is bug with "ACCESS::disable". thank!!
- randylee168Nimbostratus
not sure why this "Mark as Solution" since it does not work, again, the "ACCESS::enable" work very well, but "ACCESS::disable" does not work if it is not in "default" , any suggestion? thanks
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com