For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Jure_48098's avatar
Jure_48098
Icon for Nimbostratus rankNimbostratus
Feb 15, 2008

SSL login redirect

I have a site that I'm tryng to migrate to LTM, that is running HTTP and HTTPS. The login POST always goes to the SSL server. Server then does the auhorisation and returns a HTTP 302 redirect with the...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 18, 2008
One suggestions on that. If the redirect location changes (ie, the URI is dynamically set) and you need to preserve this, you can replace the only host portion of the redirect with the FQDN using a rule like this:


when HTTP_RESPONSE {
   if {[HTTP::is_redirect]}{
      set domain_name "host.example.com"
      log local0. "\[IP::remote_addr\]:\[TCP::remote_port\]: [IP::remote_addr]:[TCP::remote_port]"
      set string_map [string map "[IP::remote_addr]:[TCP::remote_port] $domain_name" [HTTP::header value Location]]
      log local0. "string map: $string_map"
      HTTP::header replace Location [string map "[IP::remote_addr]:[TCP::remote_port] $domain_name" [HTTP::header value Location]]  
   }
}

Or without logging/intermediate variables:


when HTTP_RESPONSE {
   if {[HTTP::is_redirect]}{
      HTTP::header replace Location [string map "[IP::remote_addr]:[TCP::remote_port] host.example.com" [HTTP::header value Location]]  
   }
}

Aaron