000024053 - Challenge  not challenge  or deny access based on browser IP address

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000024053
Applies ToRSA ClearTrust Agent 4.6
Access Manager 4.7 agent
IssueChallenge, not challenge, or deny access based on browser IP address
ResolutionCreate a rules file for the agent to specify which IP addresses to allow in unchallenged or deny access altogether. If there is no rule that applies, the ClearTrust server entitlements will determine what happens.

The following rule is an example that allows a user with a particular IP Address to access a site without being challenged:

    <Rule>
        <argument type="ClientIP" expression="192.168.197.128"/>
    <action type="HTTP" argument="200"/>
    </Rule>

Refer to the rules.xml and rules.xsd for the agent as a reference for the available configuration options. The webagent.conf parameter "cleartrust.agent.rules_file" must be set to point to the rules file.
Legacy Article IDa28998

Attachments

    Outcomes