Forum Discussion
Per Request access policy with OAuth Client Subroutine
- Jan 31, 2023
You can replace the 302 with 401 in the HTTP_RESPONSE_RELEASE event.
Don't forget to set:
ACCESS::restrict_irule_events disable
I had thought of that and I have tried that previously to override default APM actions, but found that those events are called even with
ACCESS::restrict_irule_events disable
I will give it another go just in case, but previous experience tells me no - think i had it confirm from F5 support as well - but it been a while
This had always worked in my projects.
- AlexS_ybFeb 05, 2023Cirrocumulus
Seems to be working I will need to go back and check out what happened before
Any way for the record.
in HTTP_REQUEST
"/xxxx/1.0/*" {
if { [HTTP::header "clientless-mode"] equals "1" } {
log local0. "set flags for [HTTP::path]"
set clmodeflag 1
set unAuthFlag 1
}don't forget to set those to 0 at the start of any request
1 that clientless-mode is set
1 flag to say send 401 instead of 302
then
when HTTP_RESPONSE_RELEASE {
if { ( [HTTP::status] == 302) && ( $clmodeflag == 1 ) && ( $unAuthFlag == 1 ) } {
# want to send 401 instead of 302
HTTP::respond 401
}}
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com