Forum Discussion

1 Reply

  • LinuxLeafFan_15's avatar
    LinuxLeafFan_15
    Icon for Nimbostratus rankNimbostratus
    Sep 30, 2014

    I apologize. I've attempted to edit the above post multiple times and failed. It doesn't look like there's an easy way to delete the post either. Please see below for correct formatting.

    Hello,

    I'm working on making one of our external applications available externally. We run a split DNS environment. The application works (mostly) but on at least one of the identified forms (forgot password). When a user clicks the forgot password button, the application detects that the URL has been rewritten and returns an error message.

    The POST Method looks like this: 

    POST /OA_HTML/OA.jsp?page=/oracle/apps/fnd/umx/password/webui/LoginHelpPG&_ri=0&_ti=2062238156
&language_code=US&OAHP=UMX_GUEST_HOME_PAGE_MENU&OASF=UMX_LOGIN_HELP&UmxOriginatingPage=http%
3A//myhost.mydomain.com%3A8040`/OA_HTML/AppsLogin&UmxTargetPage=http%3A//myhost.mydomain.com
3A8040/OA_HTML/AppsLogin&UmxOrigPageLinkName=FND_SSO_LOGIN&oapc=3&oas=CiOLcfWvVmT_PbSKZO4iyg..
HTTP/1.1 `

    This would appear to be causing issues as the post data contains references to the external application and I'm guessing the internal app is getting confused by this.

    I've also taken a TCP dump on the application server. It shows that the Referer value in the HTTP header refers to the external host as well.

    We're unsure where we should start working towards fixing this, whether we should be looking in the HTTP Request or Response related events, etc. Any help would be appreciated.

    Below is some clips of the iRule currently in use:

    when HTTP_REQUEST {
    switch -glob [string tolower [HTTP::host]] {
        "myhost.mydomain.com" {
             Define hostname for proper HTTP Response Processing
             Allows for multiple hosts on single VIP
            set hostname "myhost_prod"
             Disable SSL Processing on Server Side (Application doesn't use SSL)
            SSL::disable serverside
            HTTP::header replace Host "myhost.mysubdomain.mydomain.com"
            if { [HTTP::path] equals "/" } {
                HTTP::redirect "/OA_HTML/AppsLogin"
            }
            pool pool_lb_myhost_p_http_8050
        }
    }
}

when HTTP_RESPONSE {
    if { $hostname == "myhost_prod" } {
         Check if a response is a redirect
        if { [HTTP::header exists Location] }{ 
             log local0. "Original Location: [HTTP::header value Location]"
             Assume the server will use it's own TCP port in redirects and remove it.
            HTTP::header replace Location [string map -nocase [list http:// https://    ".mysubdomain" "" ":[LB::server port]" ""] [HTTP::header value Location]]
        }
         Changes all HTML content referencing port 8050 to port 443
         Changes all HTML content referencing port http to https
        if { [HTTP::header value Content-Type] contains "text" } {
            STREAM::expression {@:8050@:443@ @http://@https://@ @myhost\.mysubdomain\.mydomain\.com@myhost.mydomain.com@}
            STREAM::enable
        }
         Changes Content-Location field in header referencing .corp domain and port 8050
        if { [HTTP::header Content-Location] contains ":8050" }{
            HTTP::header replace Content-Location [string map -nocase [list http:// https:// ".mysubdomain" "" "[LB::server port]" ""] [HTTP::header Content-Location]]
        }
        HTTP::header replace Host "mysubdomain.mydomain.com"
    }
}