Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

When access policy rejects send a 403 response for server-less Client

Kumar_Thota
Altocumulus
Altocumulus

‎27-Feb-2020 12:59

We have a scenario when user gets authenticated and gets rejected based on group check. We need to send a 403 instead of showing the access denied page. I tried several approaches but nothing worked. I tried out a per-request irule trigger but its not working.

 

Below is the per-request policy what we have

 

0691T000008GNtXQAW.png

Labels:
2 REPLIES 2

Kumar_Thota
Altocumulus
Altocumulus

‎27-Feb-2020 13:06

This is the irule which is in place.

 

when ACCESS_PER_REQUEST_AGENT_EVENT {

  set id [ACCESS::perflow get perflow.irule_agent_id]

  set mylandinguri [ACCESS::session data get "session.server.landinguri"]

  if { $id eq "403" } {

    log local0. "Hit first iRule agent in PR policy"

    ACCESS::session remove

    HTTP::respond 302 "Location" "service-dev.wecenergygroup.com/rest/" "Connection" "Close"

   

}

}

when HTTP_REQUEST {

  if {

    [HTTP::uri] eq "/rest/"}{

    log local0. "URI found"

    HTTP::respond "403"

    }

 

}

 

If any suggestions that would be appreciated.

 

ivanbermejocham
Nimbostratus
Nimbostratus

‎31-Jan-2022 09:18

For any other interested in the future, I solved it using a flag variable in ACCESS_PER_REQUEST_AGENT_EVENT event, and using HTTP::respond in HTTP_RESPONSE_RELEASE event.

0 Kudos
Copyright © 2023 Khoros, LLC