Forum Discussion

Brendan_Hogan_9's avatar
Brendan_Hogan_9
Icon for Nimbostratus rankNimbostratus
Apr 21, 2006

Cannot get redirect to work

Desired result:

 

If HTTP_REQUEST is http or https

 

output = https.

 

Also, if URI is "/", then append "/ps/signon.html"

 

 

 

The following works as long as request is http and not https:

 

 

when HTTP_REQUEST {

 

if { [HTTP::path] equals "/" } {

 

HTTP::redirect "/ps/signon.html"}}

 

 

How do I get this to also function for https requests?

 

 

 

The following works for the https to http redirect:

 

 

when HTTP_REQUEST {

 

HTTP::redirect "https://[HTTP::host]/ps/signon.html"

 

}

 

 

How do I get both to work in one statement or is there a better way to accomplish this? I would guess this is a simple irule to create for someone who has a clue but that is not me :-)

 

Thanks!
application delivery
dev
devops
iRules
  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Apr 21, 2006
    Well, first of all, to be able to read the path information of an SSL encrypted HTTP request via an iRule, you have to make sure that your BIG-IP is set to terminate SSL for the connection.

    Once you have the client SSL profile enabled, then you should be able to read the info as if it were plain text.

    That would allow you to make use of a rule such as:

    
when HTTP_REQUEST {
  if { [HTTP::path] equals "/" } {
    HTTP::redirect "https://[HTTP::host]/ps/signon.html" 
  }
}

    This should work regardless of whether the request is HTTP or HTTPS (assuming it is applied to both a port 80 and port 443 virtual for the same IP address), and it will also make sure that if the path is only a slash ("/"), that the request is redirected properly to the signon page.

    HTH,

    Colin
  • Brendan_Hogan_9's avatar
    Brendan_Hogan_9
    Icon for Nimbostratus rankNimbostratus
    Apr 21, 2006
    The SSL profile is setup correctly as far as I can tell - if I go to https://domain.edu/ps/signon.html it is exactly the page that should be displayed.

     

     

    I want the iRule to redirect so that if any of the following are entered:

     

    https://domain.edu

     

    http://domain.edu

     

    http://domain.edu/ps/signon.html

     

    that it will redirect to

     

    https://domain.edu/ps/signon.html.

     

     

    For the script you listed, if I go to https://domain.edu, it doesn't add /ps/signon.html and will go stright to https://domain.edu with no redirect.

     

     

    Any suggestions as to how I should change it or do I possibly have something setup incorrectly?

     

    Thanks! :-)
  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Apr 24, 2006
    Try this:

    
when HTTP_REQUEST {
  if { [HTTP::path] equals "/" } {
    HTTP::redirect "https://[HTTP::host]/ps/signon.html"
   } elseif { ([TCP::local_port] == 80) && ([HTTP::uri] eq "/ps/signon.html")} {
       HTTP::redirect "https://[HTTP::host]/ps/signon.html"
   }
}

    If there are several more conditions, utilizing a class would be cleaner.
  • Colin_Walker_12's avatar
    Colin_Walker_12
    Historic F5 Account
    Apr 28, 2006
    Well, it should be pretty straight forward, using a basic redirect rule like that. You just need to be sure it's enabled on the proper VIP (the 443 virtual), and that the rule is matching the proper URI. You might try adding a couple of log statements to see what the HTTP::path variable is returning on your requests to see why the redirect isn't being executed.

     

     

    Colin