Forum Discussion
LyonsG_85618
Cirrostratus
CirrostratusPassing decoded certficates in HTTP header
Hi folks.
I have been requested to setup BIG-IP to request certificate authentication and then insert the WHOLE UNENCODED certificate into the HTTP header and pass it to a differnt virtua...
LyonsG_85618Cirrostratus
CirrostratusThe customer now needs the entire payload passed therough in the cookie.
I have searched forums and comup with the following:
However - it would appear that payload is still not being seen.
Any ideas?
when HTTP_REQUEST {
set requestedhost [string tolower [HTTP::host]]
set requestedURI [HTTP::uri]
Collect up to the first 1MB of POST data
log local0. "Checking post method [HTTP::method] uri: [HTTP::uri] http_version: [HTTP::version] IP: [IP::client_addr]"
log local0. "Headers: [HTTP::request]"
log local0. "Payload [HTTP::payload]"
if {[HTTP::method] eq "POST"}{
Check if there is a content-length header and the value is set to less than 1Mb
if {[HTTP::header exists "Content-Length"] && [HTTP::header "Content-Length"] <= 1048576}{
set clength [HTTP::header "Content-Length"]
} else {
set clength 1048576
}
log local0. "Checking content length $clength IP: [IP::client_addr]"
if { $clength > 0} {
if {$debug}{log local0. "[virtual name]: Collecting $clength bytes IP: [IP::client_addr]"}
HTTP::collect [HTTP::header "Content-Length"]
log local0. "[HTTP::payload]"
}
if { $requestedhost equals "oldname.companyname.com"} {
HTTP::header replace Host "newname.companyname.com"
HTTP::header insert "\$WSCC" [X509::whole [SSL::cert 0]]
HTTP::cookie insert name "BIGIPCOOKIE" value [HTTP::payload]
pool POOL_A_HTTPS
log local0. "after cookie payload=[HTTP::payload] host=[HTTP::host] uri=[HTTP::uri] cert[X509::whole [SSL::cert 0]]"
}
