Forum Discussion
Edgar_Palamarch
Nimbostratus
NimbostratusClient Authentication Based On URI
Hello,
Currently, to configure client authentication on a URI, we create 2 client SSL profiles (one of which is parent for the other) and 2 iRules that check a data group against the URI list. The ...
Kevin_Stewart
Employee
Employeeearlier you wrote that the client SSL profile should have the Client Authentication set to "ignore" and the iRule will flip it to "Require" when the secure URI is accessed.
I did indeed forget the context of the original question. 😉 But yet, because you're flipping that bit in the iRule, the Client Authentication option should be set to Ignore.
Also, it looks like the iRule doesn't detect the URI and the /SecureApi path is accessible, no browser pop-up requesting the client cert.
Well first, you're looking for an exact match against "/myApp/secureapi/myPage". At the very least I'd probably do a "starts_with" and include the base directory for which you want to require a client certificate.
if { [string tolower [HTTP::uri]] starts_with "/myapp/secureapi" }