Forum Discussion
lavila85
Altostratus
AltostratusMasking URL from diferent domains user autentication.
Hi guys.
I appreciate your support or suggestions to solve the following scenario:
We have a single website that has two login pages in different directories and that we use to authenticate two different clients, however they have asked us to mask the URL and for one of the clients the URL looks as if it were accessing from another domain .
1. Is it possible to do this URL masking?
2. What procedure should we carry out if possible?
3. Any alternative plan that can meet this requirement?
We appreciate your support or ideas. Thanks!!
- Paulius
MVP
lavila85 I'm with Amine_Kadimi on this one. We definitely need more information to provide you with more information that will be helpful. You can definitely mask the URI by performing a string map but the real question here is how are you mixing the two. If the client is able to do the other domain but with their path you most likely have the server listening for any FQDN for that directory which will allow the use of the URI to traverse the other clients app.
lavila85Hi Paulius Thank you for your time!.
Let me explain it in more detail.
We have a single website published on one IIS server called Q.
Client 1: Enter by URL: www.abc.com/login.aspx
Internal application path map: Qserverpath\clientfolder1\login.aspx
Client 2: Enter by URL: www.abc.com/subsite2/login.aspx
Internal application path map: Qserverpath\clientfolder2\login.aspx
Need:
Let client 2 enter its internal path but from the domain www.xyz.com
In other words hide the www.abc.com domain and replace it with www.xyz.com and map internal folder path: Qserverpath\clientfolder2\login.aspx
ragunath154Cirrostratus
lavila85 First two conditions you can be achived using stringmap in irule as shown below.
but not able to understand your last requirement, whether you need replace www.xyz.com to www.abc.com before sending to pool members keeping the same URI path or you need rewrite the www.abc.com back to www.xyz.com while responding back to client 2?
sample irule with stringmap
when HTTP_REQUEST {
if {[HTTP::uri] eq "/login.aspx"} {
HTTP::uri [string map {"/login.aspx" "/Qserverpath/clientfolder1/login.aspx"}[HTTP::uri]]
}
elseif {[HTTP::uri] eq "/subsite2/login.aspx"} {
HTTP::uri [string map {"/subsite2/login.aspx" "/Qserverpath/clientfolder2/login.aspx"}[HTTP::uri]]
}
}
Amine_KadimiHi,
Your question is not very clear and but in general you can mask an URL based on conditions, for example:
- If a client comes (or does not come) from predefined subnet then block access to url /xyz
Without more knwoledge of your app, it's difficult to give you suggestions, however you would better challenge the devs to build a good design of your app giving each client a dedicated endpoint, folders ...etc or have a single login page that can differentiate between clients giving them authorizations accordingly
- lavila85
Thank you guys for your time!.
Let me explain it in more detail.
We have a single website published on one IIS server called Q.
Client 1: Enter by URL: www.abc.com/login.aspx
Internal application path map: Qserverpath\clientfolder1\login.aspx
Client 2: Enter by URL: www.abc.com/subsite2/login.aspx
Internal application path map: Qserverpath\clientfolder2\login.aspx
Need:
Let client 2 enter its internal path but from the domain www.xyz.com
In other words hide the www.abc.com domain and replace it with www.xyz.com and map internal folder path: Qserverpath\clientfolder2\login.aspxThanks a lot!
- Amine_Kadimi
I second Paulius, just google for IIS hosting multiple sites by host header. F5 by itself cannot tell the backend server what folder to choose other than by an intermediary mean using HTTP (e.g. host header), IIS then chooses the folder accordingly
