Layer7 Access Management

Expand all | Collapse all

How to apply different authorization groups based on query parameters.

Jump to Best Answer
  • 1.  How to apply different authorization groups based on query parameters.

    Posted 11-16-2016 09:22 PM

    I need to implement something like this.

    Any member of any of N groups can access a host https://host.samples.com/* for exception that the following specific resources only accessible by users from a corresponding groups. i.e.

    https://host.samples.com?gr=group1 is accessible by users from group1

    ...

    https://host.samples.com?gr=groupN is accessible by users from groupN

     

    So far any user get authorized for a group related URL because I have a rule to authorize /* resource for anyone in the groups and then a specific policy doesn't even kickes in.

     

    Thanks



  • 2.  Re: How to apply different authorization groups based on query parameters.
    Best Answer

    Posted 11-17-2016 12:30 AM

    Hi Vladimir,

     

    Just to clarify, you are limiting the access based on the query string? If so, you can create realms with respective query string as resource filter, then configure the rule and policy for each realm.



  • 3.  Re: How to apply different authorization groups based on query parameters.

    Posted 11-21-2016 08:45 AM

    Thanks for the idea, I used subrealms  it works.