@smalecwks wrote:
Hi,
I have setup working with client certificate authentication.
I would like to make setup to block particular user based on CN field in client certificate from accessing URL with regular expression.I can block url with regular expression with acl:
acl restricted_page url_reg TEST
http-request deny if restricted_pagewhich works and prevents me to access URL with keyword TEST.
I tried to filter users with http-request set-header X-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
but can’t make it workingBasically I would like to achieve something like this:
if client certificate CN=user1 then block URLs with keyword TEST1
if client certificate CN=user2 then block URLs with keyword TEST2Thank you in advance for any suggestions
Posts: 1
Participants: 1