ratclma Absent Member.
Absent Member.
467 views

Protecting url with parameters


Hi,
I need to do the following:

https://a.com/path/default.aspx?itemid=xxxx ==> Public access
https://a.com/path/default.aspx ==> Restricted
access (needs
authentication

I tried creating 2 protected resources following suggestion in a similar
thread from a few years ago

Anyway, you should add two protected resources:

1. URL: /path/default.aspx?itemid=xxxx
Authentication Procedure: [None]

2. URL: /path/default.aspx
Authentication Procedure: <login_contract>

However, doesn't seem to work as both will present NAM contract login
page.
As xxxx is a dynamically generated number, how can I set NAM so it
doesn't protect the page if the url contains the itemid parameter?

Thanks
Mark


--
ratclma
------------------------------------------------------------------------
ratclma's Profile: https://forums.netiq.com/member.php?userid=7886
View this thread: https://forums.netiq.com/showthread.php?t=56725

0 Likes
3 Replies
Knowledge Partner
Knowledge Partner

Re: Protecting url with parameters



The itemid param is part of the query string and such I don't think it can
be used as part of the match value for a protected resource.

In any case, you can't use a raw ? or * In the match value for a protected
resource as these can gave a totally different meaning in that context.

I did some trickery with Form Fill failure redirect and rewriter config to
achieve some of what you are after. However I don't recall I had two
contracts.

--
If you find this post helpful and are logged into the web interface, show
your appreciation and click on the star below...
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
ratclma Absent Member.
Absent Member.

Re: Protecting url with parameters


alexmchugh;271889 Wrote:
> The itemid param is part of the query string and such I don't think it
> can
> be used as part of the match value for a protected resource.
>
> In any case, you can't use a raw ? or * In the match value for a
> protected
> resource as these can gave a totally different meaning in that context.
>
> I did some trickery with Form Fill failure redirect and rewriter config
> to
> achieve some of what you are after. However I don't recall I had two
> contracts.
>
> --
> If you find this post helpful and are logged into the web interface,
> show
> your appreciation and click on the star below...

ALex,
Thanks for the reply. I have setup 2 protected resources but don't have
2 contracts, I need the url with the itemid parameter to be a public
resource but if there is no itemid parameter the user should be
presented with a NAM login page.
The idea being if the user is hitting the application on
/path/default.aspx (we use path based multi-homing) then they are simply
logging into the application and need to login via NAM.
But if the url being hit includes the itemid parameter it is because the
user has authenticated to the application via a local app to retrieve a
quote and an itemid assigned, therefore they don't want NAM to require
authentication by the user a second time.
Mark


--
ratclma
------------------------------------------------------------------------
ratclma's Profile: https://forums.netiq.com/member.php?userid=7886
View this thread: https://forums.netiq.com/showthread.php?t=56725

0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Protecting url with parameters

ratclma wrote:

>
> alexmchugh;271889 Wrote:
> > The itemid param is part of the query string and such I don't think
> > it can
> > be used as part of the match value for a protected resource.
> >
> > In any case, you can't use a raw ? or * In the match value for a
> > protected
> > resource as these can gave a totally different meaning in that
> > context.
> >
> > I did some trickery with Form Fill failure redirect and rewriter
> > config to
> > achieve some of what you are after. However I don't recall I had two
> > contracts.
> >
> > --
> > If you find this post helpful and are logged into the web interface,
> > show
> > your appreciation and click on the star below...

> ALex,
> Thanks for the reply. I have setup 2 protected resources but don't
> have 2 contracts, I need the url with the itemid parameter to be a
> public resource but if there is no itemid parameter the user should be
> presented with a NAM login page.
> The idea being if the user is hitting the application on
> /path/default.aspx (we use path based multi-homing) then they are
> simply logging into the application and need to login via NAM.
> But if the url being hit includes the itemid parameter it is because
> the user has authenticated to the application via a local app to
> retrieve a quote and an itemid assigned, therefore they don't want
> NAM to require authentication by the user a second time.
> Mark



Maybe you could look at authorization policies and redirect to a
different published dns name to get around this.
Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.