Forum Discussion

adcounts's avatar
adcounts
Icon for Nimbostratus rankNimbostratus
Nov 11, 2015

Redirects, page unavailable, and Office 365

I am currently facing an interesting issue. I need to perform a redirect but the destination will be based on the response. I need to send site.abccompany.com to https://sso.abccompany.com/adfs/ls?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=MEST%3D0%26LoginOptions%3D1%26wa%3Dwsignin1%252E0%26rpsnv%3D2%26ct%3D1348618157%26rver%3D6%252E1%252E6206%252E0%26wp%3DMBI%26wreply%3Dhttps%253A%252F%252Fabccompany.sharepoint.com%252Fsites%252Fsite but if abccompany.sharepoint.com/sites/site is not available redirect to down.abccompany.com. I have this in 2 different F5s and need to make the second set of F5s just return a Site Down message if abccompany.sharepoint.com/sites/site is unavailable.

 

I thought about trying to do this by monitoring a node but that doesn't give me what I want. The next thought I had was to use an iRule to check abccompany.sharepoint.com/sites/site for a response and redirect site.abccompany.com accordingly.

 

Currently I am just using this iRule to do the redirect but when SharePoint is unreachable it just hangs.

 

START RULE

 

when HTTP_REQUEST {if { [HTTP::host] ends_with "site.abccompany.com" } {HTTP::redirect "https://sso.abccompany.com/adfs/ls?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=MEST%3D0%26LoginOptions%3D1%26wa%3Dwsignin1%252E0%26rpsnv%3D2%26ct%3D1348618157%26rver%3D6%252E1%252E6206%252E0%26wp%3DMBI%26wreply%3Dhttps%253A%252F%252Fabccompany.sharepoint.com%252Fsites%252Fsite[HTTP::uri]"} else {} }

END RULE

 

availability
BIG-IP Access Policy Manager (APM)
cloud
monitor
security
TMOS

2 Replies

Sort By
  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Nov 12, 2015

    I think you want that user who previously requested a local sharepoint (host site.abccompany.com) must be redirected to ADFS server (sso.abccompany.com) to authenticate before being redirected to office365 sharepoint (abccompany.sharepoint.com)...

     

    The easiest solution is to redirect requests https://site.abccompany.com/* to https://abccompany.sharepoint.com. it will have one more redirect (transparent for client)

     

    to monitor sharepoint availability, you must create a pool with sharepoint members and use the following irule:

     

    when HTTP_REQUEST { switch [HTTP::host] { "site.abccompany.com" { if { [active_members "Sharepoint_pool"] == 0 } { HTTP::redirect "https://down.abccompany.com" return } else { HTTP::redirect "https://abccompany.sharepoint.com[HTTP::uri]" } } "sso.abccompany.com" { pool ADFS_pool } default {} } }

     

  • Stanislas_Piro2's avatar
    Stanislas_Piro2
    Icon for Cumulonimbus rankCumulonimbus
    Nov 12, 2015

    same irule formatted:

    when HTTP_REQUEST {
    switch [HTTP::host] {
        "site.abccompany.com" {
            if { [active_members "Sharepoint_pool"] == 0 } {
                HTTP::redirect "https://down.abccompany.com"
                return
            } else {
                HTTP::redirect "https://abccompany.sharepoint.com[HTTP::uri]"
            }
        }
        "sso.abccompany.com" { pool ADFS_pool }
        default {}
    }
}