Managing application policy
Creating, configuring, and managing Access Gateway application policies.
When configuring application access policy its important to understand that all application access policy is derived from, or inherits from, the original group specified in the applications Essentials section. Before any access policy is applied to any application URI, a check is made against the applications group setting, which may grant or deny access to the application as a whole.
Configuring application access policy
To configure an application policy:
- Navigate to the Access Gateway Admin UI console.
Click the Applications tab.
Select an application that requires new policy and click Edit.
Select the Policies sub-tab.
- Choose one of:
Add a new policy Delete an existing policy Modify an existing policy
The default root (/) policy cannot be deleted or modified.
- Click Add () in the policy list header and choose one of:
- Not Protected
- Protected Rule
See About Access Gateway policy types for type details.
- In the Resource Path field, enter the URI to the resource being protected.
- If required, un-check the Case Sensitive check box to mark the URI case insensitive.
- For Protected, Protected Rule, and Adaptive Rule, enter a regex expression representing the users who should be granted access to the resource. See Example Access Gateway policy for examples of expressions.
- Click Okay to add the policy or Cancel to cancel.
Note that policies are applied and executed according to URI precedence. See About application policy precedence for more information.
- Click Delete () next to the policy to be deleted.
- In the confirm dialog box, click Yes to delete the attribute or No to cancel the delete operation.
- Click Edit () next to the policy rule to be modified.
The Edit existing Policy dialog box is displayed.
- Modify the policy as required.
- Click Okay to save the modified Attribute or Cancel to cancel the modification.