This topic has 2 replies, 2 voices, and was last updated 6 years, 7 months ago by andyr.


    What’s the recommended approach to setting up a policy to only force authentication for a given path, e.g. “/secure/*”?

    I tried setting this up with a web agent and a policy with a resource containing “https://mywebsite/secure/*”, however it was forcing users to authenticate even at the site root.

    Is this standard behaviour, and is the recommended approach to use the Non Enforced URLs list in the agent settings instead?

     Scott Heger

    By default an agent will enforce authentication (and authorization if SSO Only mode is not enabled) on all resources unless you put them in the Not Enforced list. In your case, if you just want to have the agent enforce authentication only, and only on /secure/*, then you can do that without policy by just setting the agent for SSO Only, adding /secure/* to your Not Enforced list and then selecting the option to Invert the Not Enforced list. That would then only enforce protection on any URLs matching /secure/*.

    Give that a shot.


    Thanks for confirming the enforcing of authentication, Scott. I was able to set this up using the not enforced URLs fine.
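
A simplified model of the enforcement decision described in Scott Heger's reply, as an added example that is not part of the original thread and not ForgeRock code. The function names, the `fnmatch`-style wildcard matching, the path normalization step and the sample URLs are assumptions; the real agent's wildcard rules differ in detail, so verify the edge cases against your agent version.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit
import posixpath


def normalize(url):
    """Return the URL path with the query dropped and dot segments collapsed."""
    path = urlsplit(url).path or "/"
    norm = posixpath.normpath(path)
    # normpath strips a trailing slash; restore it so "/secure/" still matches "/secure/*"
    if path.endswith("/") and norm != "/":
        norm += "/"
    return norm


def agent_enforces(url, not_enforced, invert=False):
    """True if the modelled agent (SSO Only, no policy evaluation) requires a session."""
    path = normalize(url)
    listed = any(fnmatchcase(path, pattern) for pattern in not_enforced)
    # Normal mode: listed URLs are skipped, everything else is enforced.
    # Inverted mode: only listed URLs are enforced.
    return listed if invert else not listed


# Constructed sample requests, including edge cases worth checking on a real agent.
SAMPLE_URLS = [
    "https://mywebsite/",
    "https://mywebsite/secure/account?x=1",
    "https://mywebsite/secure",                # no trailing slash: not covered by /secure/*
    "https://mywebsite/secure/../index.html",  # resolves outside /secure/
    "https://mywebsite/public/../secure/a",    # resolves inside /secure/
]


def report(not_enforced, invert):
    """Map each sample URL to whether authentication would be enforced."""
    return {u: agent_enforces(u, not_enforced, invert) for u in SAMPLE_URLS}


if __name__ == "__main__":
    for label, cfg in [("default (empty list)", ([], False)),
                       ("inverted /secure/*", (["/secure/*"], True))]:
        print(label)
        for url, enforced in report(*cfg).items():
            print(f"  {'ENFORCED' if enforced else 'open    '} {url}")
```
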


©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.
