For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mike_Roe_60070's avatar
Mike_Roe_60070
Icon for Nimbostratus rankNimbostratus
Nov 23, 2010

APM irule: remote login page needs referer

Hi all, We have a need to hide all our apps behind a single login application and are using a remote login page in an APM policy to do this. The problem is that this login app needs some way of findin...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Nov 24, 2010
Hi Mike,

You've succeeded in inserting a cookie into the request. This would be sent to the pool member and probably ignored.

I think you could set a variable to track the value to insert in ACCESS_SESSION_STARTED and then do the cookie insert in HTTP_RESPONSE. 


when ACCESS_SESSION_STARTED {
   set orig_referer [HTTP::header value Referer]
   log local0. "Referer: $orig_referer"
}
when HTTP_RESPONSE {

    Check if orig_referer is set
   if { [info exists orig_referer] }{

       Insert the cookie in the response
      HTTP::cookie insert name orig_referer_cookie value $orig_referer path "/"

       Unset the variable so we only set the cookie once
      unset orig_referer
   }
}

If you're using the cookie for access control, you might want to encrypt it. You can do this by setting the cookie name in a custom HTTP profile for 'cookies to encrypt'. Or you could do it manually using 'HTTP::cookie encrypt|decrypt':

http://devcentral.f5.com/wiki/default.aspx/iRules/http__cookie

Aaron