Forum Discussion
Gravanda_33760
Feb 18, 2009Nimbostratus
Beginner - rewrite and redirect URI question
I need to create an iRule to do a few things:
1. redirect incoming HTTPS requests to a specific URI
2. rewrite the URL to the virtual server
I have a VS that has 4 nodes in a pool. Incoming requests are HTTPS with SSL off-loading connecting to HTTP:82 on the back-end nodes. I need something that allows me to maintain my HTTPS connection, direct all users hitting this VS to a specific URI, and rewrite the URL so that that VS is always present in the browser. Here is an example of what I need:
a. Users hits https://somesite.com (a VIP on LTM) using SSL off-loading
b. an iRule sends that user to the attached pool using the "/something" URI
c. The user sees a redirect in the browser to be https://somesite.com/something ad NOT the real server in the pool on a different port.
d. I need to maintain the SSL connection throughout
Th rewrite and SSL persistance is the biggest thing for me. The VS works great without redirecting to a specific URI. Once I do this with an http::redirect rule, it goes straight to the real server in the back-end and loses my SSL session. (back-end server is HTTP:82).
Thanx for any help!!
7 Replies
Sort By
- Oh yeah.....kinda need this soon! :-)
- Hi,
when HTTP_RESPONSE { Check if response is a redirect if {[HTTP::is_redirect]}{ Replace http:// with https:// and port :82/ with / HTTP::header replace Location [string map -nocase {http:// https:// :82/ /} [HTTP::header value Location]] } }
- Sorry - I am bad at explaining this stuff.
- OK.....
- For background, an HTTP redirect instructs the client to make a new GET request to the redirect URL in the location header. The response status for the redirect is generally a 301 or 302. The browser will show the updated URL in the address bar. Contrast this with LTM receiving a request from the client and rewriting the Host header in the request it proxies to the pool member. The browser address bar would still show the original URL.
- I am trying to have a client connect to a VIP, maintain it's cllient-ssl profile connectivity, and have the URI of /something/ added to the HTTP request.
- I think you're confusing the issue somewhat by your request:
when HTTP_REQUEST { if { ![HTTP::uri] starts_with "/something" } { HTTP::uri "/something/[HTTP::uri]" } }
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects