Monday, 1 December 2014

[OAM]: Configuring pre authentication Advance Rules

Configuring pre authentication Advance Rules:

Pre-Requisites:
  • OAM Managed & Admin Server are up & running.
  • You have already created the 'Webgate Profile' & the artifacts are placed in the webgate instance directory. 

1) Log in to OAM Console: http://<host:port>/oamconsole



2) Go to 'Application Domain' & select the webgate profile that you have created. Like in our case i am using 'dcc-7778'.



3) Select 'Authentication Policies' tab:



  • Open 'Protected Resources':

4) Now we need to select the 'Advanced Rules' tab: 


  • Let's create a pre-authenticate rule: Click the '+' sign
  • Fill the fields:
    • Rule Name - Provide the rule name.
    • Condition - This will be a condition which needs to be configured using Jython Script style.
    • Switch Authentication Scheme - If condition is true, than we will switch the Authentication Scheme.
    • Deny Access - If this flag is true, than no need to configure 'Switch Authentication Scheme'.
    • Click 'Add' to add the rule.
    • Apply the changes.

5) The rule that we have created above states that if User IP Address starts with '10.' than switch the configured Authentication Scheme from the one we have configured to 'Basic Scheme'.

6) Now we are good to test the changes done. Let's hit the request, it should ask for credentials but as per 'Basic Scheme'

http://<host:port>/index.html


Note: The Client IP Address here starts with '10.' 

Reference: https://docs.oracle.com/cd/E52734_01/oam/AIAAG/GUID-1E9A2B43-140C-4A85-8DEA-521CE3F57B12.htm#AIAAG88930

Hurray.... we are done... congrats... :-)

Enjoy :-)

No comments:

Post a Comment