About application policy

Access Gateway includes the ability to configure one or more access policies per application. Policies are applied to URI resources within an application and can be set to achieve the following:

To add or modify a policy

  1. Navigate to your Access Gateway InstanceAn instance, or computer instance, is a virtual machine (VM) or individual physical computer, used to host a software appliance. and sign on.

  2. From the Topology tab or the Applications tab open the application.
  3. Select the Policies pane.
    To add or modify policy first select the policy pane.
  4. Click the (+) icon to add a new policy.

To modify an existing policy

Tip

Tip

Click the Trash () icon next to any policy to delete that policy.
Note the root policy cannot be changed or deleted.

 

  1. Click the Pencil next to the policy being modified.
  2. In the Edit Existing Policy dialog modify the existing policy.
    For example change resource path to reflect a different URL.
    Note that the root policy cannot be changed.
  3. Click the Enable Policy toggle to enable or disable the policy.
  4. Click Okay to complete the edit, or Cancel to cancel.

To add a new policy

  1. Click the Plus () icon and select one of the application policy types.
    After clicking the plus icon, select one of the displayed policy types.
  2. In the Add New Policy dialog specify:
    FieldValue

    Enable Policy toggle

    Enable or disable the policy as required.

    NameAn appropriate name for the policy.
    For example, Grant access to /myurl or Open /openurl to all.
    Policy Type

    One of:

    • Protected
    • Not Protected
    • Protected Rule
    • Adaptive Rule
    Resource PathThe path to the resource.
    For example: /myunprotectedpath
    DescriptionAn option description of the Policy
  3. When complete click Okay to add the new policy or Cancel to cancel.

Application Policies

Policy type Description

Protected

The URL is a protected resource and can only be accessed by users after being authenticated with the Identity Provider. Note that user authorization is controlled by the group membership on the settings tab.

Not Protected

The URL is an unprotected resource that can be accessed by users without being authenticated with the Identity Provider. Note that header data is not included with Not Protected policies.

Protected Rule

A policy to control authorization to a resource overriding the access controls on the settings associated with the application.

Adaptive Rule

Behavior is identical to Not Protected but also provides headers.

Next Steps

Top