Forum Discussion

Nimbostratus

Nov 23, 2010

Remote login page needs to know which site request came from.

Hi all, We have a need to hide all our apps behind a single login application and are using a remote login page in an APM policy to do this. The problem is that this login app needs some way of findin...

app sec

BIG-IP Access Policy Manager (APM)

security

Chris_Miller

Altostratus

Dec 13, 2010

I'll offer this up as an option, but haven't dealt with this situation so can't say it's the right way to go.

when HTTP_REQUEST { 
 set req_uri [HTTP::uri]  
 log local0. "Referer was $req_uri" } 
 when HTTP_RESPONSE { 
 HTTP::cookie insert "real_referer" "$req_uri"  
 log local0. "inserted real_referer cookie with value $req_uri" }

When a user hits the login page, they should have a cookie called "real_referer" whose value is their previous HTTP request. I've also put log statements in both events which should help troubleshoot. That cookie will be overwritten each time they hit a different page but when the login page is requested, the value should be of the previous request.

Let me know how that works for you and we can tweak it accordingly.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)