The URL Scheme condition allows you to restrict access based on the scheme specified in the URL of the request. For example in an Access Gateway Authorization policy, if the request contains HTTP as the scheme in the URL and you require users to use HTTPS, you can use this condition to deny access and redirect them to another URL.
This condition allows you to compare A to B or B to A. You need to decide whether you want to compare a static value to the current value in the HTTP request, or whether you want to compare the current value in the HTTP request to a specified value. The comparison type you use depends upon the value you want to specify. If you want more flexibility in specifying the value, you must select to compare the current value in the HTTP request with a specified value.
To set up matching for this condition, specify the following details:
URL Scheme: Specify the scheme you want compared. You can select Current for the current value in the HTTP request, or specify a static value of http or https.
Comparison: Select one of the following types:
Comparison: URL Scheme: Specifies that you want the values compared as scheme strings and how you want the values compared. Select one of the following:
Equals: Indicates that the URL scheme must contain the same letters, in the same order as specified in the value.
Starts with: Indicates that the URL scheme must begin with the letters specified in the value.
Ends with: Indicates that the URL scheme must end with the letters specified in the value.
Contains Substring: Indicates that the URL scheme must contain the letters, in the same sequence, as specified in the Value field.
Comparison: Regular Expression: Matches: Specifies that you want the values compared as regular expressions.
Mode: Select the mode appropriate for the comparison type:
Comparison: String: Specify whether case is important by selecting Case Sensitive or Case Insensitive.
Comparison: Regular Expression: Matches: Select one or more of the following:
For regular expression syntax information, see the Javadoc for java.util.regex.Pattern.
Value: Specify the value you want to compare with the URL Scheme value. If you select a static value for the URL Scheme value, select URL Scheme and Current. If you select Current for the URL Scheme value, select one of the following value types:
Data Entry Field: Allows you to specify the scheme value you want to use in the comparison. The scheme cannot be specified with a trailing colon (:) character and must be specified in lowercase (http or https). Use the Edit button to access a text box where you can enter multiple values, each on a separate line. (See Edit Button.) Use the Add button to add values one at a time.
All entered URL schemes are compared to the requested URL scheme until a match is found or the list is exhausted.
LDAP Attribute: If you have defined an LDAP attribute containing a URL or URL scheme, you can select this option, then select your attribute.
Liberty User Profile: If you have defined a Liberty User Profile attribute containing a URL or URL scheme, you can select this option, then select your attribute.
Result on Condition Error: Specify what the condition returns when the comparison of the two values returns an error rather than the results of the comparison. Select either False or True. If you do not want the action applied when an error occurs, select False. If you want the action applied when an error occurs, select True.