For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jack_10574's avatar
jack_10574
Icon for Nimbostratus rankNimbostratus
Jul 12, 2014

redirection require wth forward to pool

Hi All i have a requirement , base on the below irule , it will forward users forward to the test_pool after users authentication successful. Due to i require another action from irule which is...
application delivery
design
devops
iRules
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Jul 14, 2014

Try this:

when RULE_INIT {
    set static::auth_debug 1 
}
when HTTP_REQUEST {
    if { $static::auth_debug } { log local0. "Request URI = [HTTP::uri]." } 

    if { [string tolower [HTTP::uri]] equals "/user" } {
        HTTP::redirect "http://[HTTP::host]/user/resources.php"
        return
    } elseif { [HTTP::username] eq "" or [HTTP::password] eq "" } {
         Grab username and password from authorization header and compare
        if { $static::auth_debug } { log local0. "No username and password in Authorization header or Auth header missing." } 
    } else {
         Grab the authorization header and convert to username and password
        if { $static::auth_debug } { log local0. "Username = [HTTP::username] password = [HTTP::password]" }
         Next look in the datagroup called LocalUsers for the user. The value is a hex MD5password.Compare the value in the datagroup to the value of HTTP::password to determine if this is valid.
        set password [class lookup "[HTTP::username]" LocalUsers] 
        if { $password eq "" } {
            if { $static::auth_debug ==1 } { log local0. "Auth failed for user [HTTP::username] \ and the value in the datagroup was [class lookup [HTTP::username] LocalUsers] "} 
        } else {
             how have action with when user key in www/test/com/user redirect it to https://www.test.com/user/resources.html before it forward to test_pool ?
            binary scan [ md5 [HTTP::password]] H* hexhash 
            if { $static::auth_debug } { log local0. "password MD5 = $hexhash" } 
            if { $password eq $hexhash } { 
                pool test_pool
                if { $static::auth_debug } { log local0. "Auth succeeded for user [HTTP::username] and the value in the datagroup was [class lookup [HTTP::username] LocalUsers] "}
                 Exit this event for this iRule to prevent sending a 401 below
                return 
            } 
        } 
    }
    If we are still in the iRule the auth attempt failed
    HTTP::respond 401 content "Error:Authentication Failure" WWW-Authenticate "Basic realm=\"local.loc\""
}