Forum Discussion
Kevin_Stewart
Sep 17, 2012Employee
For what it's worth, APM now (11.1 I believe) sports a pool resource assignment in the VPE.
Otherwise, you can use ACCESS_ACL_ALLOWED in very much the same way as HTTP_REQUEST. The thing to consider about these three events, ACCESS_ACL_ALLOWED, HTTP_REQUEST, and ACCESS_POLICY_AGENT_EVENT is *when* they are triggered.
ACCESS_POLICY_AGENT_EVENT fires during the policy processing and before any traffic is directed to the application. In fact, it's not until the end of the access policy that a 302 redirect is issued back to the application path.
HTTP_REQUEST fires on every request. It fires before the access policy starts, and on every request after the policy has ended. You can certainly do URI-based redirection in this event, but you have to be mindful of where you are in the access policy process. An easy way to do this is to first check for the presence of some access policy session variable.
ACCESS_ACL_ALLOWED, as mentioned, behaves very much like HTTP_REQUEST, but only fires AFTER the policy is complete.