Forum Discussion

JHDUKE
Mar 27, 2024

Bypass Access Policy for EWS based on the user account

I'm looking to bypass APM for /EWS/* calls but only for a specific user. All other users will be denied access.

Assuming this will need to be done with an iRule similar to the 'NTLM Logger', where it can first decode the NTLM data and identify the user, then append an iRule similar to the Bypass APM iRule based on the /EWS URI and user found previously.

I'm not experienced with coding iRules so some assistance here would be much appreciated.

Referencing iRules:

NTLM logger (f5.com)

Bypass Access Policy with an iRule (f5.com)

  • APM has a few different ways you could accomplish this. Probably the best way is to use the built-in ACL functionality to apply different ACLs to your different users. Since APM already has an ACL function, and it already knows the username, you just have to define the ACLs and then make your access policy assign those ACLs to the right users.