Forum Discussion

Giuseppe_Casabl's avatar
Giuseppe_Casabl
Icon for Nimbostratus rankNimbostratus
Dec 12, 2008

how to remove Authorization http header

Hi   I'm testing the IRule functionality. I do radius authentication of the virtual server and then the request is passing to a pool. Now I got a Error 500 because the Authorization header is set...
application delivery
dev
devops
iRules
hooleylist's avatar
hooleylist
Icon for Cirrostratus rankCirrostratus
Dec 12, 2008
Hi Giuseppe,

The HTTP profile configuration for adding/removing headers is performed before HTTP_REQUEST is triggered. The auth header is read in default HTTP_REQUEST event (priority 500). So that's why the profile option to remove the auth header would prevent the authorization from working.

You can use an iRule with a priority (Click here) set to greater than the default of 500 to remove the auth header after the auth iRule uses it: 

  
   when HTTP_REQUEST priority 501 {   
      
       Remove the Authorization header after the system authorization iRule runs (at priority 500)   
      if {[HTTP::header exists Authorization]}{   
      
         HTTP::header remove Authorization   
      }   
   }

Aaron