iRule for URI / HOST based Pool redirection. (w. option to not offload SSL).

Hi Both,

Yes, we have an SSL profile with a certificate on the BIG-IP F5. However in some cases (due to the nature of the application) i cannot terminate the SSL (and switch to HTTP) in the F5 but have to pass it through to the webserver so that they can use smart cards to login, authenticate to "3rd part" connections from within the application and to sign inside the application. I thank you for your tip and will look into that next. It is actually the same certificate for the server, but there is another certificate present on the webserver for the smart cards...

Kunja, thanks for the information, solved first part of the problem with that. 🙂

This is how the code looks right now ...

when HTTP_REQUEST {
    array set pools {
        Organisation1 Y
        Organisation2 N
        Organisation3 N
    }
    foreach {CustPath SmartCard} [array get pools] {
        if { ([getfield [HTTP::uri] "/" 2] equals $CustPath) }{
                if { ($SmartCard equals "Y") }{
                    SSL::disable
                    HTTP::disable
                }
            pool P_APP_$CustPath
            return
        }
    }
    HTTP::respond 200 Content {NOTICE: Site Unavailable. If you believe you are receiving this message in error, contact your site administrator.}
}    

The HTTP::respond isnt working atm. but that is a minor issue that is probably easy solved.