cancel
Showing results for 
Search instead for 
Did you mean: 

When access policy rejects send a 403 response for server-less Client

Kumar_Thota
Altocumulus
Altocumulus

We have a scenario when user gets authenticated and gets rejected based on group check. We need to send a 403 instead of showing the access denied page. I tried several approaches but nothing worked. I tried out a per-request irule trigger but its not working.

 

Below is the per-request policy what we have

 

0691T000008GNtXQAW.png

2 REPLIES 2

Kumar_Thota
Altocumulus
Altocumulus

This is the irule which is in place.

 

when ACCESS_PER_REQUEST_AGENT_EVENT {

  set id [ACCESS::perflow get perflow.irule_agent_id]

  set mylandinguri [ACCESS::session data get "session.server.landinguri"]

  if { $id eq "403" } {

    log local0. "Hit first iRule agent in PR policy"

    ACCESS::session remove

    HTTP::respond 302 "Location" "service-dev.wecenergygroup.com/rest/" "Connection" "Close"

   

}

}

when HTTP_REQUEST {

  if {

    [HTTP::uri] eq "/rest/"}{

    log local0. "URI found"

    HTTP::respond "403"

    }

 

}

 

If any suggestions that would be appreciated.

 

ivanbermejocham
Nimbostratus
Nimbostratus

For any other interested in the future, I solved it using a flag variable in ACCESS_PER_REQUEST_AGENT_EVENT event, and using HTTP::respond in HTTP_RESPONSE_RELEASE event.