Lab 2.6 - Contextual Access

In this section you will configure Contextual Access for the previously created Application Groups

Task - Configure Contextual Access for header_ad Group

  1. Click Contextual Access from the ribbon

    image21

  2. Click Add

    image22

  3. Enter Name header-ad

  4. Select Application Group from the Resource Type dropdown

  5. Select header-ad from the Resource dropdown

  6. Select ad from the Primary Authentication dropdown

  7. Select header_sso from the HTTP_Header dropdown

  8. Click Save

    image23

Task - Configure Contextual Access for header-ocsp Group

  1. Click Add

    image24

  2. Enter Name header-ocsp

  3. Select Application Group from the Resource Type dropdown

  4. Select header-ocsp from the Resource dropdown

  5. Select ad from the Primary Authentication dropdown

  6. Select header_sso from the HTTP_Header dropdown

  7. Check Enable Additional Checks

    image25

  8. Click Add to add a Trigger Rule

    image26

  9. Enter Name webadmin-group

  10. Check User Group Check

  11. Locate the Website Admin group

    Tip

    Try using the filter field to search

  12. Click Add under the Action column

    image28

  13. Select Step Up from the Match Action dropdown

  14. Select ocsp from the Step Up Authentication dropdown

  15. Click Save

  16. Click Save again to save the Contextual Access Properties for ocsp-header-iap.acme.com

    image29

  17. Click Deploy located under the ribbon. Deployment will take a few moments.

    image27