|Applies To||RSA Access Manager 4.8 Agent|
|Issue||How to exclude files based on a regular expression in RSA Access Manager Agents|
|Cause||The cleartrust.agent.url_exclusion_list= does not support regular expressions. You can only exclude specific directories or files in the URL exclusion list.|
The rules.xml file can be used to exclude resources based on a URL that matches a regular expression. To exclude URL's using the rules.xml file you must create a rule with an argument type of "URI" and with an expression argument that contains a regular expression that matches the URL you wish to exclude. The action type for the rule should be of type "HTTP" with an argument to return the http result "200" for any URL that matches the rule. This will cause the RSA Access Manager Agent to abandon processing of any URL that matches the expression and issue the http request immediately.
An example of a rule that allows access to any aspx pages in any directory or sub directory under the home directory:
WARNING: The regular expression engine is very powerful. Ensure that the regular expression you create is carefully crafted only to exclude only he desired resources. It is very easy to unintentionally create a regular expression that matches resources you do not intend to exclude. The regular expression is not a URL, it is a substring that may match an part of the URL.
For example the rule <argument type="URI" expression="home"/> would match
but it also matches
The Access Manager agent parses the incoming URL into a URI and a querystring component before applying rules. If you wish to match the incoming URL based on the querystring portion of the URL then you should use a rule with an argument type of "querystring".
For example the rule <argument type="querystring" expression="home"/> would match
|Legacy Article ID||a44955|