Forum Discussion
DB
Nimbostratus
NimbostratusChanging 403 to a 302 response based in incoming User-Agent?
We have uncovered an unexpected 'feature' in Microsoft SharePoint that's causing us some problems. Specifically, if SharePoint detects a non-browser client attempting to access a secured page on a site using Forms Authentication, it will return a 403 response rather than the normal 302 redirection to the forms logon page.
The problem is, SharePoint's definition of a non-browser client is anything without 'Mozilla' in the User-Agent string. And unfortunately, many of the mobile browsers on the market don't send 'Mozilla' anywhere in their UA string. I am wondering if this is something I can take care of in LTM. If the server is attempting to send a 403 response to the client and if the client's UA string does not contain 'Mozilla', I would like to modify that response to be a 302 redirection to the logon page (/_layouts/login.aspx?ReturnUrl=.
Is there a way I can tie a request coming in that doesn't have Mozilla as the user agent and wait for the response to see if it's a 403 and then do the redirect using an iRule?
DB.
1 Reply
hoolioCirrostratus
Hi DB,
I think there is an MS hotfix for this. If that hotfix doesn't look correct, it might be easier to just insert mozilla in the user-agent string if it's not there already. Or you could implement the logic you've described. Let us know whether you want some example iRules.
You cannot view a forms-based authentication Windows SharePoint Services 3.0 site if you have Office Live Update 1.2 for Microsoft Office Live Workspace installed
http://support.microsoft.com/kb/972535/
Aaron
