Forum Discussion
mike_drennen_16
Cirrus
CirrusBypassing the Webtop to directly access a Portal Access resource via URI
I am having an issue with accessing a Portal Access resource using a URI. I have set this up for other SAML resources before and it works flawlessly, however, when attempting it with a Portal Access ...
Michael_Jenkins
Cirrostratus
CirrostratusAre you basically trying to always force a redirect when the host is myproductionAPMPolicy.com and uri is /mydefineduri?
One thing to note is that the ACCESS_POLICY_COMPLETED event is only executed at the end of the access policy, which happens once during a session. This would explain why you only see the redirect initially and not on any subsequent requests.
If you want to always check for that pre-defined uri (and/or host), you can also use the HTTP_REQUEST event. Something like this:
when HTTP_REQUEST {
switch -glob [string tolower "[HTTP::host][HTTP::uri]"] {
"myproductionapmpolicy.com/mydefineduri*" {
HTTP::respond 302 Location "/f5-w-687474703a2f2f31302e312e332e36$$"
You could use this instead too: HTTP::redirect "/f5-w-687474703a2f2f31302e312e332e36$$"
If you have other iRules on this VIP the use HTTP::respond or HTTP::redirect, you may need a couple additional commands to mitigate a multiple redirects error.
return
}
}
}
If you only want to perform the redirect after a session has been successfully completed, you might add an conditional before the switch to check for that. Something like this:
if {[ACCESS::policy result] -eq 'allow'} {
Processing code here
}
Hope this helps.
