Lab 2.6 - Contextual Access

In this section you will configure Contextual Access for the previously created Application Groups

Task - Configure Contextual Access for adauth_header Group

  1. Click Contextual Access from the ribbon

    image21

  2. Click Add

    image22

  3. Enter Name ad-header-iap.acme.com

  4. Select Application Group from the Resource Type dropdown

  5. Select adauth_header-iap.acme.com from the Resource dropdown

  6. Select ad from the Primary Authentication dropdown

  7. Select header_sso from the HTTP_Header dropdown

  8. Click Save

    image23

Task - Configure Contextual Access for ocspauth_header Group

  1. Click Add

    image24

  2. Enter Name ocsp-header-iap.acme.com

  3. Select Application Group from the Resource Type dropdown

  4. Select ocspauth_header-iap.acme.com from the Resource dropdown

  5. Select ad from the Primary Authentication dropdown

  6. Select header_sso from the HTTP_Header dropdown

  7. Check Enable Additional Checks

    image25

  8. Click Add to add a Trigger Rule

    image26

  9. Enter Name ad-webadmin-group-check

  10. Check User Group Check

  11. Locate the Website Admin group

Tip

Try using the filter field to search

  1. Click Add under the Action column

    image28

  2. Select Step Up from the Match Action dropdown

  3. Select ocsp from the Step Up Authentication dropdown

  4. Click Save

  5. Click Save again to save the Contextual Access Properties for ocsp-header-iap.acme.com

    image29

  6. Click Deploy located under the ribbon. Deployment will take a few moments.

    image27