Forum Discussion
Auz_102504
Nimbostratus
Nimbostratuswebdav rule exclusion
We have the following http redirect in place on a microsoft sharepoint site
Request for will redirect to
when HTTP_REQUEST {
if { [HTTP::host] equals "hostname"} {
HTTP::redirect "http://fqdn[HTTP::uri]"
}
}
this works fine for most http requests except for http webdav requests used when using sharepoint explorer view.
http://www.scribd.com/doc/2917779/Understanding-and-Troubleshooting-SharePoint-Explorer-View
http://www.scribd.com/doc/2917779/U...lorer-View
http://mysharepointofview.com/2009/05/a-word-about-troubleshooting-the-explorer-view/
So I need to exclude the webdav traffic from being redirected. Using the shortname\hostname works when the http redirect irule is not applied to the VIP. Can anyone help me with this?
nitassEmployee
may we detect webdav using HTTP::method?
How do I detect a web dav request?
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1179140/showtab/groupforums/Default.aspx
Auz_102504I think its using the following user agent
HEAD /SomFolder/SomeFile.doc HTTP/1.1
User-Agent: Microsoft Office Existence Discovery
The other way we could possibly get around this is by excluding certain URL's from the redirect as well.- Auz_102504also
The protocol consists of a set of new methods and headers for use in HTTP. The added methods include:
PROPFIND — used to retrieve properties, stored as XML, from a resource. It is also overloaded to allow one to retrieve the collection structure (a.k.a. directory hierarchy) of a remote system.
PROPPATCH — used to change and delete multiple properties on a resource in a single atomic act
MKCOL — used to create collections (a.k.a. a directory)
COPY — used to copy a resource from one URI to another
MOVE — used to move a resource from one URI to another
LOCK — used to put a lock on a resource. WebDAV supports both shared and exclusive locks.
UNLOCK — used to remove a lock from a resource - Auz_102504
Some more information on the user agent I found here
http://support.microsoft.com/kb/832161
Windows XP
The WebClient service is used if you connect a Web Folders without specifying a port. For example, if you use the "http://webserver/davscratch" URL, a network trace shows something that is similar to the following in the HTTP header:
HTTP: User-Agent = Microsoft-WebDAV-MiniRedir/5.1.2600Microsoft Office
When you use the syntax that includes a port number, you connect with Office WebDAV. For example, if you use the "http://webserver:80/davscratch" URL, a network trace shows something that is similar to the following:
HTTP: User-Agent = Microsoft Data Access Internet Publishing Provider DAV
Further known issues with Microsoft-WebDAV-MiniRedir
So it also looks as though there could be other issues as well depending on the clients connecting to the site most clients are running windows xp with the latest service pack but there are some clients running windows 7. However, the fact that it works without going through BigIP LTM means these issues have already been resolved.Any update on this ?
- Auz_102504Nittass this is from a windows 7 packet capture without going through BigIP LTM
OPTIONS /somefile/doc HTTP/1.1
Connection: Keep-Alive
User-Agent: Microsoft-WebDAV-MiniRedir/6.1.7601
translate
HTTP/1.0 302 Found
Location: http://fqdn/somefile/doc
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
Any chance on an update - Auz_102504will this work
when HTTP_REQUEST {
if { [HTTP::header User-Agent] contains "Microsoft-WebDAV-MiniRedir"} {
event disable all
}
elseif { [HTTP::host] equals "hostname"} {
HTTP::redirect "http://fqdn[HTTP::uri]"
event disable all
}
} - Auz_102504just to confirm the above rule works well
- nitassthanks for update.
just wondering if it works fine without disabling http for unrecognized http methods.
sol5924: Support for WebDAV in a BIG-IP LTM HTTP profile (9.x through 10.x)
http://support.f5.com/kb/en-us/solutions/public/5000/900/sol5924.html
for the irule, i think event disable all might not be needed. - Auz_102504The following also works well I didn't need to disable the second statement
when HTTP_REQUEST {
if { [HTTP::header User-Agent] contains "Microsoft-WebDAV-MiniRedir"} {
event disable all
}
elseif { [HTTP::host] equals "hostname"} {
HTTP::redirect "http://fqdn[HTTP::uri]"
}
}
webdav as outlined doesn't understand http redirects so to ensure it doesn't get redirected we need to identify it using this
if { [HTTP::header User-Agent] contains "Microsoft-WebDAV-MiniRedir"} {
if this condition is met we need to ensure that redirect doesn't take place to do this we use
event disable all
then for all other conditions perform the redirect
elseif { [HTTP::host] equals "hostname"} {
HTTP::redirect "http://fqdn[HTTP::uri]"
thanks for your help nitass, much appreciated.