Forum Discussion
Josiah_39459
Historic F5 Account
Yes, you can. All the information from the client cert authentication is stored in session variables (you can verify this in the reports in the GUI or the 'sessiondump' command via the CLI). Then you can use those session variables in the Advanced Resource Assign to assign different ACLs to different users.
Josiah_39459
Apr 26, 2016Historic F5 Account
Then you'll want to use an irule. Take a look at the examples in CLIENTSSL_CLIENTCERT: https://clouddocs.f5.com/api/irules/CLIENTSSL_CLIENTCERT.html However, if you really need to block urls for security reasons you will want to consider more than just an irule, some real security solution.