HTTP::header insert

I'm not sure that using HTTP::header insert with HTTP::redirect is expected to work. Can you try using HTTP::respond (Click here) instead?

 

 

HTTP::respond 302 Location "https://[HTTP::host][HTTP::uri]test" STRING "MLint"

 

 

Aaron

I'm sure it won't work this way

 

 

HTTP::header insert will insert it in the request since then you make a redirect you won't see the header

tried to test this rule, but still no STRING incerted in the HTTP header? not sure if i'm doing something wrong.

 
when HTTP_REQUEST {
if {[TCP::local_port] eq "80"} {
HTTP::respond 302 Location "https://[HTTP::host][HTTP::uri]test" STRING "MLint"
} elseif {[TCP::local_port] eq "80" } {
HTTP::redirect "http://[HTTP::host][HTTP::uri]"
} else {
pool test-Servers-Pool
} 
}

basicaly, what i'm trying to acomplish - is different authentication for internal and external users. I'm trying to change HTTP:header which will be send by BigIP to IIS server and based on the difference in the header, SSO or HTLM authentication will take place. at the same time, i need redirect to port 443. any recommendations?

The HTTP::respond command you're using would insert the header named STRING with a value of MLint in the 302 response to the client.

 

 

Do you want to have the BIG-IP send a request to the pool and a redirect to the client based on a single request from the client to the VIP? I'm unclear on what exactly you're trying to accomplish. Can you elaborate?

 

 

Thanks,

 

Aaron

i'll try to do my best to explain, and can e-mail you diagram.

 

Based on the source IP, BigIP should change HTTP:header, which will be send to IIS server from the pool. IIS server will respond with the different authentication page, which will be presented to the user. Also, BigIP should do HTTP-->HTTPS redirect.

 

 

Thanks in advance for any help.

Based on your request

1. For HTTP requests, issue a HTTPS redirect to the client browser.

2. For Non-HTTP requests, insert the "STRING=MLint" header for IIS.

This should work.

when HTTP_REQUEST {
  if { [TCP::local_port] eq 80 } {
     Send HTTP redirect to browser
    HTTP::redirect "https://[HTTP::host][HTTP::uri]test"
  } else {
     Add header with name "STRING" and value "MLint"
     to be sent to backend webserver
    HTTP::header insert STRING "MLint"
  }
}

Now, this didn't include a filter for source IP but that could easily be done with an elseif instead of the else testing for the IP::client_addr against either an address (10.10.10.10), a masked address (ie. 10.10.10.0/24), or an address class using the matchclass command.

Hope this helps...

-Joe

looks like i made some progress, so now is a question, how to do incert in the cookies

You can insert and/or manipulate a cookie using the HTTP::cookie commands (Click here):

 

 

HTTP::cookie insert name my_cookie value my_value

 

 

This can be done in requests or responses.

 

 

Aaron

how to put cookie in this line instead of STRING?

 

 

HTTP::respond 302 Location "https://[HTTP::host][HTTP::uri]" STRING "MLInt=1"

 

 

will this work?

 

 

HTTP::respond 302 Location "https://[HTTP::host][HTTP::uri]" HTTP::cookie insert test test test

Sorry for the confusion. If you're trying to set a cookie in the redirect you send with HTTP::respond, you can use this format:

 

 

HTTP::respond 302 Location "https://[HTTP::host][HTTP::uri]" Set-Cookie "my_cookie=my_value\; Path=/test\; Domain=.example.com\;"

 

 

Aaron