Forum Discussion
mike_89584
Nimbostratus
NimbostratusiRule help
Hi I have two separate irules - one to restrict access to certain IPs and one to force basic authentication, and I now find that I need to combine the two, that is allow certain IPs to a VIP (or fold...
Hi,
haven't understand quite well your requirement. Here the new try :
when HTTP_REQUEST { if { [IP::client_addr] eq "xxx.xxx.xxx.xxx" } { pool Pool_my_pool.com } else { binary scan [md5 [HTTP::password]] H* password if { [class lookup "[HTTP::username]" local_user_dgroup] equals $password } { log local0. "User [HTTP::username] has been authorized to access virtual server [virtual name]" } else { log local0. "User [HTTP::username] has been denied access to virtual server [virtual name]" HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\"" } } }
Yann_Desmarest_
Nacreous
NacreousHi,
haven't understand quite well your requirement. Here the new try :
when HTTP_REQUEST {
if { [IP::client_addr] eq "xxx.xxx.xxx.xxx" } {
pool Pool_my_pool.com
} else {
binary scan [md5 [HTTP::password]] H* password
if { [class lookup "[HTTP::username]" local_user_dgroup] equals $password } {
log local0. "User [HTTP::username] has been authorized to access virtual server [virtual name]"
} else {
log local0. "User [HTTP::username] has been denied access to virtual server [virtual name]"
HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\""
}
}
}
mike_89584Perfect - thank you :-)