Forum Discussion
Keith_Fox_15580
Nimbostratus
NimbostratusVirtual server with two different web servers
I have a virtual server that needs to have two different web servers behind it, so that I can present it via the internet. The reasoning for this is server1, redirects to server2 two for authenticati...
Keith_Fox_15580Nimbostratus
NimbostratusThis is the log that I got to the log local, I changed the server names, but it should give you a general idea... really frustrated with this site, and trying to get it to work. Thanks for all the help!
Jan 16 15:20:40 bigip info tmm[15713]: Rule /Common/Log_rule : Request URL: publicname.domain.com Jan 16 15:20:40 bigip info tmm[15713]: Rule /Common/Log_rule : Response: Status=302 | Location=http://SERVER2.domain.com:80/sso/SSOServlet?_action=LOGINASSERT&_ssoOrigUrl=http%3A%2F%2SERVER1.domain.com%3A9080%2Fefs&_TKM=TODO-UI&_serviceName=LBIDSP&_ssoTenant=DEFAULT&_ssoAuthUrl=http%3A%2F%2SERVER1.domain.com%3A9080%2Fsso%2FSSOServlet&_ssovaltoken=yGoOGEPj3EBZvpFzWYSVSWj0EIQ%3D
Michael_JenkinsCirrostratus
Ok. And you said that server1.domain.com and server2.domain.com aren't internet acessible, but your users are accessing this through internet, so they need publicname.domain.com? In this case, there's a couple things you might do. You could follow the ideas in this article (https://devcentral.f5.com/s/articles/rewriting-redirects) for the iRule redirect rewriting and replace server2.domain.com and server1.domain.com with publicname.domain.com and then change the iRule to check for starting with "/sso" and route to the auth pool. Then you still have only one path. The other way would be to have a second dns name like auth.domain.com and do basically the same thing as the other, but in the request, check for auth.domain.com host instead of the uri to decide which pool to send it to. Hope this makes sense.
What_Lies_Bene1Just FYI, I'm pretty sure a stream profile won't rewrite a HTTP header, only the body.
