needs to some help with IRule that will assign sso
I'm trying to figure out a cleaner way to redirect clients when they try to access web page directly without login first to the portal
Setup:
2 portal pages and 2 domains 2 internal applications that not suppose to be accessible directly 2 sso
My iRule for internal application
when ACCESS_ACL_ALLOWED { set domain [ACCESS::session data get "session.ad.last.actualdomain"] set authresult [ACCESS::session data get "session.ad.last.authresult"]
if { $domain == "internal.org" and $authresult == 1 } then { WEBSSO::select internal.org_ntlm_sso
} elseif { $domain == "external.local" and $authresult == 1} then { WEBSSO::select external.local_ntlm_sso This part doesn't work
else { log local0. "Authentication Failed HTTP::redirect "http://something.org"
} }
Second iRule to handle error 20 when CLIENT_ACCEPTED { ACCESS::restrict_irule_events disable }
when HTTP_REQUEST { if { [HTTP::uri] ends_with "/my.logout.php3?errorcode=19" or [HTTP::uri] ends_with "/my.logout.php3?errorcode=20" } { HTTP::redirect "http://something.org" } }
APM policy for internal sites: Start-Allow