Forum Discussion

5 Replies

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    May 23, 2016

    Hi,

     

    ASM is not designed to block some usernames on a login page. You should use APM instead to achieve this.

     

    Depending on the authentication mecanism, you can also use irules on LTM to do what you need.

     

    What kind of authentication is used on OWA ? (Basic, Forms, certificate, ...)

     

  • Yann_Desmarest_'s avatar
    Yann_Desmarest_
    Icon for Nacreous rankNacreous
    May 23, 2016

    Hi,

     

    ASM is not designed to block some usernames on a login page. You should use APM instead to achieve this.

     

    Depending on the authentication mecanism, you can also use irules on LTM to do what you need.

     

    What kind of authentication is used on OWA ? (Basic, Forms, certificate, ...)

     

  • Yann_Desmarest's avatar
    Yann_Desmarest
    Icon for Cirrus rankCirrus
    May 24, 2016

    Hi,

    You can use the following irule : 

    wwhen HTTP_REQUEST {
    if { [class match [HTTP::username] $::denied_users] } {
       log local0. "User [HTTP::username] has been denied to access virtual server [virtual name]"
       HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\""
    }
}

    You need first to create a datagroup that contains all denied usernames "denied_users" and then create the above irule and assign it to your Virtual Server