Hi,
you can use this irule:
when CLIENTSSL_HANDSHAKE {
if {![info exists username]} {set username ""}
}
when CLIENTSSL_CLIENTCERT {
Check if client provided a cert
if { [SSL::cert count] > 0 } {
set username [regsub -all ".*CN=(.\[^,\]*),.*$" [X509::subject [SSL::cert 0]] {\1}]
}
}
when HTTP_REQUEST {
if {[HTTP::uri] equals /} {
HTTP::redirect "/$username"
}elseif { !([HTTP::uri] starts_with "/$username") } {
HTTP::respond 403 content {
Not authorized
You are not autorized to access this website
} noserver
}
}