Use this command to configure HTTP authentication rules.
Authentication rules are used by the HTTP authentication feature to define sets of request URLs that will be authorized for each user group.
You apply authentication rules by adding them to an authentication policy, which is ultimately selected within an inline protection profile for use in web protection. For details, see waf http-authen http-authen-policy.
To use this command, your administrator account’s access control profile must have either
rw permission to the
wafgrp area. For details, see Permissions.
config waf http-authen http-authen-rule
Enter the name of a new or existing rule. The maximum length is 63 characters.
To display the list of existing rules, enter:
Enter the name of a protected host that the
This setting applies only if
Enable to apply this HTTP authentication rule only to HTTP requests for specific web hosts. Also configure host "<protected-hosts_name>".
Disable to match the HTTP authentication rule based upon the other criteria, such as the URL, but regardless of the
|Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.
Select which type of HTTP authentication to use, either:
|Enter the literal URL, such as
/employees/holidays.html, that a request must match in order to trigger HTTP authentication. The maximum length is 256 characters.
Enter the name of a user group that is authorized to use the URL in request-url "<path_str>". The maximum length is 63 characters.
To display the list of existing user groups, enter:
Enter the realm, such as
Browsers often use the realm multiple times.
The realm may be the same for multiple authentication rules, if all of those URLs permit the same user group to authenticate.
For example, the user group
This field does not appear if authen-type is
For an example, see waf http-authen http-authen-policy.