Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Access denied when using ESP

 

Information

 

Summary: Access denied message when accessing the root page of an application
Environment:

Product: LoadMaster

Version: Any.

Platform: Any.

Application: Any.

Question/Problem Description:

Users will get an access denied error when ESP is used and the root page "/" is requested in the URL. When accessing other services or directories of the application, access will be granted. 

Steps to Reproduce:
  1. Create a HTTP/HTTPS Virtual Service
  2. Add a real server that has a web page running either on HTTP or HTTPS.
  3. Enable ESP and fill out the options as follow:
    • Client Authentication Mode: any type should work for this example.
    • SSO Domain: any SSO domain should work for this example. This can be left empty if no SSO domain exists.
    • Allowed Virtual Hosts: set this to "*.*" to allow all Virtual Hosts.
    • Allowed Virtual Directories: for our example, we will set this to /test. Any other URL can be used as needed. Regular expressions are also supported in this field.
    • The configuration should look similar to the one below:
    • ESP_virtual_host.png
  4. Navigate to your Virtual Service with the Allowed Dirtual Directories as the URL. 
  5. We should get a response when we specify the virtual directory: success.png
  6. We should get an access denied when we specify anything else that is not configured in the Allowed Dirtual Directories field:

Access_denied.png

Error Message: ESP 403 Forbidden - Access denied
Defect Number:  
Enhancement Number:  
Cause: The correct URL was not added in the Allowed Virtual Directories under the ESP Options for the HTTP(S) Virtual Service.
Resolution:

Add the root page "/" in the Allowed Virtual Directories under the ESP Options. The final configuration should look like the below:

Final_config_ESP.png

Workaround:  
Notes:  

Comments