Forum Discussion
kfriend_50715
Nimbostratus
Apr 13, 2012SSL offload on Apache/Tomcat persistance and append issues
Hello all.
I'm not much of an ace when it comes to the F5 LTM's. I'm running version 10.something and I've been trying to get an application called "UNANET" (online time cards) functioning behind the load balancer.
I followed the Tomcat/Apache deployment manuals and it's a pretty straightforward setup. I have two virtual servers, one is an http that redirects to the https. I have an append rule that adds the complete path to the base url. (i.e. myserver - append /somedir/login)
My initial setup, which I believe had COOKIE as persistance, resulted in the login appearing not to work. If you typed the correct password, the application would just clear out the username and password fields but it would not display an error. Oddly, we discovered if you typed in the right FOLLOWED BY THE WRONG password suddenly the menu options for the application became available. I continued to toy around with different persistance options and I was unable to fix this.
I believe I changed the persistance option to universal and at that point upon logging in, the URL would change as if it were trying to authenticate the user,however the page would not load. If you clicked BACK and hit refresh, again the menu options would appear for the application.
My best guess here is that my append rule is not playing well with the paths of this application. I'm not sure if I need a more complex append irule to direct the client depending on the situation. Actually I'm pretty lossed.
Any insight you can provide would be greatly appreciated.
Thanks.
Ken
- Michael_Yates
Nimbostratus
Hi kfriend,when HTTP_REQUEST { if { [HTTP::path] equals "/" } { HTTP::redirect "/somewhere/else.html" } }
- kfriend_50715
Nimbostratus
Mr. Yates, Thanks for your response. Here is the current rule I havewhen HTTP_REQUEST { if {([HTTP::uri] == "/") } { HTTP::uri /unanet/action/login } }
- nitass
Employee
have you tried the irule Michael suggested? how was it? - kfriend_50715
Nimbostratus
Nitass, - kfriend_50715
Nimbostratus
I tried the other irule and I also noticed he said to try without an irule. Between each change I disabled/re-enabled the virtual server. - nitass
Employee
https://myserver/unanet/action/login/validate - kfriend_50715
Nimbostratus
Base url is: - nitass
Employee
On login the /unanet/action/login/validate page happens so quickly you don't even see it happen. have you tried HttpFox? didn't it help? - kfriend_50715
Nimbostratus
I don't even know what HttpFox is or what it does. I'll google around for it and post back with my findings / results, unless you have more insight on it that you can provide. - nitass
Employee
you will love it. :D
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects