Forum Discussion

レザ's avatar
Oct 04, 2022
Solved

How to health check of web service behind authentication portal

Hi ALL

I ran into a problem with monitoring today that I hope you can help me with.
I have two web servers that I want to balance, The problem I have is that the web service that is on these web servers, when called, first redirects the user to a portal for authentication, and after successful authentication, the user will have access to the web service. The problem is that when my monitor GET's any of the servers, the result is a 302 code or redirection. I wanted to know if there is a way to check the functionality of the web service itself?
Of course, I had a conversation with the web service developer and they decided to give me a special URL to check the monitor, but I wanted to know if anyone has ever encountered such a problem? and what is best and practical solution this problem?

Thankful

  • The way you've gone about this with the webdevs is indeed the most typical way this is approached. If the URL they've provided does reflect the actual health of the service then that's great.

    It gets better because that enables the webdevs to take their own servers out for service through manipulating that page instead of asking you to remove pool members.

  • Nikoolayy1's avatar
    Nikoolayy1
    Oct 07, 2022

    Better whitelist the F5 local non-floating ip addresses on the application as this IP addresses are used for monitoring and the real client traffic is using the floating self ip addresses if Automap is configured or the SNAT pool (even with standalone F5 devices not in HA you can configure floating IP addresses so that SNAT automap to not use the non-floating IP addresses that will then be just used for monitoring).

4 Replies

  • The way you've gone about this with the webdevs is indeed the most typical way this is approached. If the URL they've provided does reflect the actual health of the service then that's great.

    It gets better because that enables the webdevs to take their own servers out for service through manipulating that page instead of asking you to remove pool members.

    • レザ's avatar
      レザ
      Icon for Cirrus rankCirrus

      Hi,

      the problem is that portal uses captcha, so i cant simply use username & password ğŸ˜ž

      • Nikoolayy1's avatar
        Nikoolayy1
        Icon for MVP rankMVP

        Better whitelist the F5 local non-floating ip addresses on the application as this IP addresses are used for monitoring and the real client traffic is using the floating self ip addresses if Automap is configured or the SNAT pool (even with standalone F5 devices not in HA you can configure floating IP addresses so that SNAT automap to not use the non-floating IP addresses that will then be just used for monitoring).