Forum Discussion
NimbostratusPeoplesoft HTTP(80) to HTTPS(8050) redirect
Hello All,
Wondering if someone could shed some light on an issue I am having redirecting to https port 8050. I am new to f5 so any direction would be great
I have a virtual server setup listening on an IP. I am trying to redirect to a VS on port 8050 that pulls up the full login URL. However, I keep getting random page cannot be displayed. Could someone check my code and make any adjustments you see wrong?
THANKS!
when HTTP_REQUEST { Redirect from / to actal URL. if { [HTTP::uri] equals "/"} { HTTP::redirect https://globalhrtst.global-legal.com/psp/HRTST/EMPLOYEE/HRMS/?cmd=login } else { HTTP::redirect "https://[HTTP::host]:8050[HTTP::uri]" } }
12 Replies
Cory_50405Noctilucent
Is the redirect you are performing in the else statement a virtual server on your BIG-IP with this iRule applied? So the BIG-IP is redirecting back to itself on port 8050, or somewhere else?
Is the only purpose of the rule to check for a blank URI, and then specify "/psp/HRTST/EMPLOYEE/HRMS/?cmd=login" as the URI, and redirect to port 8050 or are there other conditions/caveats?
TomNSCPO8_12229So basically, yes, thank you for your answer! we are load balancing two backend servers. The request comes in on port 80 and bounces to 443 cert is offloaded on the F5 (same VS IP)O. Port translation is turned on as the backend pool is 8050. That iRule was getting me no where as far as connecting to the pool. Now, we are stuck at a signon issue
Basically what gets me to the signon, but will not allow sign on, is: going directly to each indivudual server does work
when HTTP_REQUEST { Redirect from http://globalhrtst.global-legal.com/psp/HRTST/?cmd=login to actal URL. HTTP::redirect https://globalhrtst.global-legal.com/psp/HRTST/EMPLOYEE/HRMS/?cmd=login }
- Cory_50405
When you say "will not allow sign on", what is the error message or behavior that you are seeing? Is it just returning to the sign on page repeatedly? If so, your logic is looping. Try this one:
when HTTP_REQUEST { Redirect from http://globalhrtst.global-legal.com/psp/HRTST/?cmd=login to actual URL. if { [HTTP::uri] eq "/psp/HRTST/?cmd=login" } { HTTP::redirect https://globalhrtst.global-legal.com/psp/HRTST/EMPLOYEE/HRMS/?cmd=login } } - TomNSCPO8_12229
yes, it is looping, exactly right. However, when I implement what you suggested, it only takes me to the root of the weblogic app server at http://globalhrtst.global-legal.com/, it does not bring me to the actual signon URL. This is what I've been struggling to make happen minus the sign screen return loop
- Cory_50405
Seems like the application is doing some redirecting itself. What is the behavior if you access the servers directly?
- TomNSCPO8_12229
well, the only difference is that I have to use the FQDN. I cannot just use port 8050 on the URL and reach the sign on page. Both behave the same except when going directly to the server except there is no redirection to https. I wonder if that is where the problem lies.
- Cory_50405
That could certainly be the issue. But you are offloading the SSL on the LTM correct?
- TomNSCPO8_12229
Yea it is offloaded. The problem is once the login is successful it goes back through and causes the loop. Been looking for some code I can pop in the iRule in order to have successful auth continue on but I don't think that is going to work out correctly.
- Cory_50405
So where does the application redirect the user to after authentication?
- TomNSCPO8_12229
the tail end of the url changes from HRMS/?cmd=login to h/?tab=DEFAULT which is the home tab. I tried just directing the initial redirect to this path hoping it would bounce to login since it had not yet authenticated, it actually does, but only after selecting a link of the cache it pulls up...so that is not going to work.
