When access policy rejects send a 403 response for server-less Client

Question

We have a scenario when user gets authenticated and gets rejected based on group check. We need to send a 403 instead of showing the access denied page. I tried several approaches but nothing worked. I tried out a per-request irule trigger but its not working.

Below is the per-request policy what we have

kumar_thota · Answer

This is the irule which is in place.&nbsp;when ACCESS_PER_REQUEST_AGENT_EVENT {&nbsp;&nbsp;set id [ACCESS::perflow get perflow.irule_agent_id]&nbsp;&nbsp;set mylandinguri [ACCESS::session data get "session.server.landinguri"]&nbsp;&nbsp;if { $id eq "403" } {&nbsp;&nbsp;&nbsp;&nbsp;log local0. "Hit first iRule agent in PR policy"&nbsp;&nbsp;&nbsp;&nbsp;ACCESS::session remove&nbsp;&nbsp;&nbsp;&nbsp;HTTP::respond 302 "Location" "service-dev.wecenergygroup.com/rest/" "Connection" "Close"&nbsp;&nbsp;&nbsp;}}when HTTP_REQUEST {&nbsp;&nbsp;if {&nbsp;&nbsp;&nbsp;&nbsp;[HTTP::uri] eq "/rest/"}{&nbsp;&nbsp;&nbsp;&nbsp;log local0. "URI found"&nbsp;&nbsp;&nbsp;&nbsp;HTTP::respond "403"&nbsp;&nbsp;&nbsp;&nbsp;}&nbsp;}&nbsp;If any suggestions that would be appreciated.&nbsp;

ivanbermejocham · Answer

For any other interested in the future, I solved it using a flag variable in ACCESS_PER_REQUEST_AGENT_EVENT event, and using HTTP::respond in HTTP_RESPONSE_RELEASE event.

Forum Discussion

When access policy rejects send a 403 response for server-less Client

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Introduction of Incident Response

custom response page for api

FIX Message Response

Operationlizing Online Fraud Detection, Prevention, and Response

Trouble redirecting on APM rejection.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS