Users are not able to edit the web page on web server while traffic passes through the Load Balancer

Do I need to change something in the above script as per my setup ?

Musafir, the iRule provided will change any "http://" references in the HTTP response to "https://". This would ensure that any internal application that is advertising itself as HTTP will still show up as HTTPS at the client. The objective is to force all client traffic through an HTTPS VIP regardless of the server side configuration. That said, perhaps there is still some confusion about what you're trying to do and what the application is attempting to do. Let's try this:

• Let's assume that you want all client traffic to use the HTTPS VIP (port 443). Are all of the servers (pool members) listening on port 80 HTTP?

   

• Enable the port 80 HTTP and port 443 HTTPS VIPs with no iRules. This should work, yes? If so, please provide a client side capture (ie. Fiddler) of what the client is doing when the edit functions are invoked.

   

Hi Kevin,

What i have observed is that the node has urls as htt or https. hence we used the iRule. but doing so, disables the stream for editing the application. If you check the http watch logs shared above, the transactions starting from below line are not starting at all while passing theough F5.

https://thatwasentme.com/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.LocalizationControllerewcVersion=4_0+SP2+Patch1_201003311654&command=getResourceScript&country=GB&language

It seems that theere is some Java script calling to server and those packets are dropping here and hence the user trying to edit the page observes nothing happening while clicking on the edit button.

It seems that theere is some Java script calling to server and those packets are dropping here and hence the user trying to edit the page observes nothing happening while clicking on the edit button.

This is progress. The STREAM profile and iRule should be able to rewrite the JavaScript too. Can you, in the HTTPWatch, see 1) the JavaScript calls to HTTP resources, and 2) where the browser initially requests either the HTML page containing the JavaScript, or a separate .js file?

in the working setup when we click on the edit button all transaction starts from following line:

https://thatwasentme.co.uk/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent

Post two, three more xml transactions, java script starts.following is the detail.

https://thatwasentme.co.uk/irj/portalapps/com.sap.portal.epcf.loader/script/optimize/js13_epcf.js?7.00001620

do I need to make some changes in the above iRule, means do i need to change the values somewhere in the above iRule. Please guide me.

Look very carefully at what the client is attempting to do. The working setup includes HTTP and HTTPS services, so it's assumed that some things are talking to the HTTP service and others the HTTPS service. Your client side capture should show the calls to both and you should see this in network captures (traffic going to port 80 and port 443). You may need to look inside the returned HTML and JavaScript payloads to find references to the HTTP service. If you can find where the HTTP service is being referenced, then you can work on fixing it. The above iRule should rewrite these references, but you won't know for sure until you find them.

https://thatwasentme.co.uk/irj/servlet/prt/portal/prtroot/com.btexx.pct.easyWCM.EditModeRegistrationComponent

is this url in the first http response? if yes, have you seen it in the not-working setup?

Hi Nitass,

I am not seeing this URL at all in the not working set up. I think there is something which is not allowing to start the Java Script call to server for this. I have found following solution for HTTP Post redirect but applying it also was not helpful.

https://devcentral.f5.com/wiki/iRules.HTTP_POST_redirectNew118.ashx

Hi Nitass,

I am running 9.3.7 software but the document you shared says that the minimum required software 10.0 or higher.

Also, if still i want to use this script, is there anything i need to change according to my requirement ?

Musafir, I cannot stress enough, you need to look at the client side HTTP communication. It would appear that the client is somewhere attempting to talk to the server via http://, and you need to first find out when that happens, and then from where the client is getting this information.