Forum Discussion
Forward Traffic to Proxy Server
Application Server --> F5 --> Proxy Server --> Internet
- Eric_FrankenfieNimbostratusI was thinking about something like this...
-Application server sends https:///customer1
-F5 rewrites the URL as https:// and forwards that request to the Proxy server
-Proxy server requests https://
-Proxy receives return traffic and forwards to the F5
-F5 forwards the response to the application server
- Colin_Walker_12Historic F5 AccountIt sounds like we can probably help with what you're looking for here, assuming we can decrypt the traffic inbound to the LTM and then re-encrypt as necessary on the way back out.
- Eric_FrankenfieNimbostratus
The URL will be https://subdomain.customer.com/atchi/app.cgi
· Data will be encrypted by a Java key store
· Data will then be sent via SSL essentially double encrypting the data
SAML is probably post data, so the stream might look like this:
SSL(HTTP(SAML(SOAP(Java Encryption(App Message)))))
So if we do SSL at the F5, we should see everything down to the SOAP message's cleartext fields, assuming that the "main payload" of the SOAP message is what is encrypted, and that this payload contains the actual app message
- Eric_FrankenfieNimbostratusBump
- Colin_Walker_12Historic F5 AccountI'm still trying to make sure I have my head around this one.
- Eric_FrankenfieNimbostratusThe app server will be sending the request to the VS internal address. The F5 would then rewrite the request to the customer URL and then pass the request to the Proxy. Maybe something like this...
- Eric_FrankenfieNimbostratusMorning bump
- hooleylistCirrostratusHi Eric,
- Eric_FrankenfieNimbostratusI don't have anything setup yet, just in the planning stage. I am good with setting the Proxy server as the node in the pool. Does this look correct for rewriting the URL?
- Eric_FrankenfieNimbostratusThe new request is not being fully constructed. Rather it is appearing on the Proxy server as 'GET /samltest/samltest.asp' opposed to ‘GET http://dalvdmz08.carreker.com/samltest/samltest.asp’ and the Proxy server is denying the request with the following error:
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com