Forum Discussion

Kumar_Thota's avatar
Icon for Altocumulus rankAltocumulus
Feb 27, 2020

When access policy rejects send a 403 response for server-less Client

We have a scenario when user gets authenticated and gets rejected based on group check. We need to send a 403 instead of showing the access denied page. I tried several approaches but nothing worked. I tried out a per-request irule trigger but its not working.


Below is the per-request policy what we have


2 Replies

  • This is the irule which is in place.



      set id [ACCESS::perflow get perflow.irule_agent_id]

      set mylandinguri [ACCESS::session data get "session.server.landinguri"]

      if { $id eq "403" } {

        log local0. "Hit first iRule agent in PR policy"

        ACCESS::session remove

        HTTP::respond 302 "Location" "" "Connection" "Close"




    when HTTP_REQUEST {

      if {

        [HTTP::uri] eq "/rest/"}{

        log local0. "URI found"

        HTTP::respond "403"





    If any suggestions that would be appreciated.


  • For any other interested in the future, I solved it using a flag variable in ACCESS_PER_REQUEST_AGENT_EVENT event, and using HTTP::respond in HTTP_RESPONSE_RELEASE event.