Forum Discussion
Mike_Roe_60070
Nimbostratus
NimbostratusRemote login page needs to know which site request came from.
Hi all, We have a need to hide all our apps behind a single login application and are using a remote login page in an APM policy to do this. The problem is that this login app needs some way of finding out which of our 500+ sites the request originated from. We were hopeful that we could just use the referer header but, as the first hop in this process is the F5 VIP that the policy is assigned to the referer shows http://my.app.com/my.policy. Is there any way that the login app can be passed a variable or a cookie that contains the referer from the original link that the user clicked? I was thinking Access::session data or a cookie header or something but, I cant understand how to pass that from the access policy to the login page. Any thoughts? Any help?
Thanks
- Chris_Miller
Altostratus
I'll offer this up as an option, but haven't dealt with this situation so can't say it's the right way to go.when HTTP_REQUEST { set req_uri [HTTP::uri] log local0. "Referer was $req_uri" } when HTTP_RESPONSE { HTTP::cookie insert "real_referer" "$req_uri" log local0. "inserted real_referer cookie with value $req_uri" }
When a user hits the login page, they should have a cookie called "real_referer" whose value is their previous HTTP request. I've also put log statements in both events which should help troubleshoot. That cookie will be overwritten each time they hit a different page but when the login page is requested, the value should be of the previous request.
Let me know how that works for you and we can tweak it accordingly. 
Mike_Roe_60070Well I modified this a little and got the logs to at least lie to me and tell me its working. Here is what I have done:
when HTTP_REQUEST {
set req_uri [HTTP::header value referer]
log local0. "Referer was $req_uri"
}
when HTTP_RESPONSE {
HTTP::cookie insert name "real_referer" value "$req_uri"
log local0. "inserted real_referer cookie with value $req_uri"
}
The logs read:
Dec 22 10:25:45 local/tmm1 info tmm1[4959]: Rule referer-irule : Referer was http://www-test.winwholesale.com/
Dec 22 10:25:45 local/tmm info tmm[4958]: Rule referer-irule : Referer was http://www-test.winwholesale.com/
Dec 22 10:25:45 local/tmm info tmm[4958]: Rule referer-irule : inserted real_referer cookie with value http://www-test.winwholesale.com/
Dec 22 10:25:45 local/tmm info tmm[4958]: Rule referer-irule : Referer was
Im not too sure what is going on in the inner workings of the access policy but, i see an additionallog entry at the end that has a null value for $req_uri.
All said the value I need the login page to see is what is showing up in the logs so the variable is correst. I am not sure why the cookie never gets added though. Thoughts?- Chris_MillerI used [HTTP::uri] because that's the requested page rather than relying on the browser to have a correct referer header. If you aren't seeing a value for $req_uri in your HTTP_REQUEST event, it's because the header didn't exist on that request. As far as the cookie being added, you're not seeing the log event from HTTP_RESPONSE at all?
- Mike_Roe_60070Sorry I didnt reply earlier. We had to go a different route with the login page. It became a problem for too long so we abandoned the need to identify the source site.
- Mike_Roe_60070Sorry I didnt reply earlier. We had to go a different route with the login page. It became a problem for too long so we abandoned the need to identify the source site.
