Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Limit access to a virtual server only when resource selected on WebTop

ehergott_345008
Nimbostratus
Nimbostratus

I have a policy for users to use a WebTop in order to access resources. In a few cases the portal-access method was not working because of some Java intensive websites. To work around this I created virtual servers with an assigned pool to the resource, and then added a WebTop link to the virtual server to the WebTop.

 

It works, but I need to prevent someone from simply going to the virtual server directly without first using the policy. First thought was through an iRule looking for the MRHSession cookie. The iRule is:

 

when HTTP_REQUEST { if { not [HTTP::cookie exists "MRHSession" ] } { reject } }

 

This works when applied to the virtual server. However, due to inconsistencies of users and their handling of cookies I have ran into problems. So I am researching other methods.

 

If anyone has any ideas on how to Enforce policy completion for access to a virtual server I would appreciate it.

 

1 REPLY 1

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

The best practice is to

 

  • use multi domain sso
  • create one ACL related to web top link
  • assign it with webtop link Assign a drop all ACL to any users with ACL order value higher than all other ACL
  • assign access policy to virtual server