F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

f5rocks_86658's avatar
f5rocks_86658
Icon for Nimbostratus rankNimbostratus
Jun 01, 2016

Need to allow request only if application opens from parent portal

Dear Experts,   Please suggest with an iRule, where application access only to be allowed if app is being accessed from authenticated portal only. Referer header can be checked on first request. H...
iRules
security
Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Jun 01, 2016

Formatted example :

 

on VIP1 :

 

when HTTP_RESPONSE {
    if { [HTTP::cookie exists "MySessionCookie"] } {
        HTTP::cookie domain "MySessionCookie" "example.com"
    }
}

on VIP2 :

 

when HTTP_REQUEST {
    if { ([HTTP::cookie exists "MySessionCookie"]) } {
         insert code to add cookie validation
    } else {
        HTTP::redirect "https://vip1.example.com/login"
    }
}

But clearly, it would be easier to use APM module and put an access profile with multi-domain sso on both VIP and configure Web SSO for VIP1.

 

Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Jun 03, 2016
Hi, Did you had a chance to test this scenario ?