Forum Discussion
Redirecting a Redirect?
Good evening!
I had a question regarding a specific task we've been been researching. We are at a university, and we have a cluster of servers that are used for single sign-on purposes by faculty and staff. There are three servers being load-balanced in one-arm mode. The VIP we have setup first redirects you to a CAS server for authentication, then using cookies will forward you to one of the three servers to access content. The problem we are being faced with now is that we have a satellite campus affiliated with our university who want to use our SSO servers, but want their own specific look and feel. They have registered there own URL which they wish to redirect (via CNAME I'm assuming) to the VIP of our cluster, from which they expect to see content unique to their campus. So basically, we want to setup a mechanism where any requests originating from their URL is redirected to a specific subdirectory on our SSO cluster.
Now we've already thought up a solution for this issue which involves creating a new secondary VIP which the satellite campus will redirect to and using a unique SNAT IP that will identify the requests as coming from the satellite campus. This solution however seems particularly wasteful as we would have to waste another one of our public IP addresses just to allow them their unique view access. We thought of simply enabling the X-Fowarded-For header but they also want public access to the server and trying to define which public IP's belong to them would be an impossible task (internally, they have their own unique subnet). So this comes to the Irule option. I'm pretty certain there is a way to use Irules to complete this task but I'm struggling badly with it, so here I am requesting help from people who are more familiar with it than me. Anyone know how to go about implementing such a solution? I'll provide a more specific illustration of what I'm trying to achieve below.
Basically, our SSO cluster has a VIP DNS of "www.example.edu/maincampus". We want to setup a unique view for the satellite campus at "wwww.example.edu/satellite". The satellite campus has registered their own domain at say "satellite.redirect.edu". The goal therefore is that when they implement their CNAME that redirects "satellite.redirect.edu" to "www.example.edu", the load balancer then forwards that to the correct subdirectory "www.example/satellite"
I have a basic idea of doing an IF statement where we do something like this:
when HTTP_REQUEST {
if { [HTTP::Request] == "satellite.redirect.edu" }{
HTTP::redirect "https://www.example.com/satellite" (maybe use HTTP::uri instead of the full path?)
}
}
Am I on the right track? Is it possible? Any help would be much appreciated :). Thank you for taking the time to listen.
- IheartF5_45022Nacreous
Try this;-
when HTTP_REQUEST { if { [HTTP::Host] eq "satellite.redirect.edu" }{ HTTP::respond 301 Location "https://www.example.com/satellite" return } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com