HTTP content rewrite iRule

Hi Mike,

I'm not sure why that error would be triggered, but I suggest switching from collecting the payloads with HTTP::collect to using a stream profile to rewrite Basic to NTLM. The stream profile and iRule should be more efficient than buffering the full payload. See the STREAM::expression wiki page for details:

https://devcentral.f5.com/wiki/iRules.stream__expression.ashx

If you do stick with HTTP::collect, change 4294967295 to 1024000 to avoid coring TMM or potentially taking all available memory for a single connection.

Here's an untested example for using a stream profile and iRule to do the rewrite:

when HTTP_REQUEST {

 Log debug to /var/log/ltm? 1=yes, 0=no.
set stream_debug 1

 Disable the stream filter by default
STREAM::disable

set usentlm 0
if { ([HTTP::uri] starts_with "/sso/autodiscover/") } {
 log "OWA Rewrite for autodiscover SSO engaged"
set usentlm 1
HTTP::uri [string map { /sso/autodiscover/ /autodiscover/ } [HTTP::uri]]
 HTTP::uri "/autodiscover/autodiscover.xml"
if {$stream_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Rewrote [HTTP::uri] to\
[string map { /sso/autodiscover/ /autodiscover/ } [HTTP::uri]]"}
 Don't allow data to be chunked.
if {[HTTP::version] == "1.1"} {
if {[HTTP::header is_keepalive]} {
 Adjust the Connection header.
HTTP::header replace "Connection" "Keep-Alive"
}
HTTP::version "1.0"
}
}
}

when HTTP_RESPONSE {
if { $usentlm == 1 } {
if {[HTTP::header "Content-Type"] starts_with "text/"} {
if {$stream_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Enabling stream for [HTTP::header "Content-Type"]"}
STREAM::expression {@[bB]asic@Ntlm@}
STREAM::enable
} else {
if {$stream_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Disabling stream for [HTTP::header "Content-Type"]"}
STREAM::disable
}
}
}
when STREAM_MATCHED {
 Debug only. Comment out or remove when testing is complete
if {$stream_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: matched: [STREAM::match]"}
}

Aaron