Tosin_Omojola
Oct 21, 2016
Grant Access To Users Based on Referer Header Value
I want to grant access to users based on a referrer value and to redirect them to login if the referrer is invalid. This is not meant to be a security fix, though; it is just to ensure users access the application FROM the company portal, which they must log in to. According to the config below:
when HTTP_REQUEST {
    switch -glob [HTTP::header "Referer"] {
        "http://click.bank.com/dashboard.php" {
            # Coming from the right page. Allow Request to go through...
            if { [string tolower [HTTP::uri]] ends_with "/eod" } {
                pool BankAppPool member 10.10.1.51 8888
                log local0. "Requested path - admin sent to App1"
                log local0. "clientIP:[IP::client_addr] accessed [HTTP::host][HTTP::uri]"
                # HTTP::redirect "/forms/frmservlet?config=ref&serveruserparams=NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256&otherparams=P_WST_LAN_IND=1+P_BANKS_APP_URL=http://10.10.1.51:9001/banks"
                HTTP::redirect "http://10.10.1.51:9001/forms/frmservlet?config=ref&serveruserparams=NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256&otherparams=P_WST_LAN_IND=1+P_BANKS_APP_URL=http://10.10.1.51:9001/banks"
            } elseif { [string tolower [HTTP::uri]] ends_with "/" } {
                log local0. "Requested path - distribute Round robin"
                HTTP::redirect "http://pam.bank.com:9001/forms/frmservlet?config=ref&serveruserparams=NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256&otherparams=P_WST_LAN_IND=1+P_BANKS_APP_URL=http://10.10.1.57:9001/banks"
                log local0. "Requested path - banks"
            }
        }
        "" {
            # redirect to login page
            HTTP::redirect "http://click.bank.com/index.php?resp_id=MLG"
        }
        default {
            # redirect to login page
            HTTP::redirect "http://click.bank.com/index.php?resp_id=MLG"
        }
    }
}
The redirect is working very fine as defined but the application accepting the request for valid navigation fails to load. It just hangs indefinitely. It works fine without the referrer-based redirect but, once the referrer check is introduced, it doesn't load. Is there something I'm missing in the iRule definition? Please help. Thank you!
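An added example, not part of the original post: a Referer gate that sends at most one redirect per request and also lets through requests whose Referer is an application page rather than the portal. It assumes the application's pages are served to the browser as http://pam.bank.com:9001/ and that their follow-up requests pass through the same virtual server; the variable names are illustrative.

```tcl
# Added example, not the original poster's rule.
when HTTP_REQUEST {
    # URLs and parameters taken from the post.
    set portal "http://click.bank.com/dashboard.php"
    set login  "http://click.bank.com/index.php?resp_id=MLG"
    set params "config=ref&serveruserparams=NLS_LANG=AMERICAN_AMERICA.AR8MSWIN1256&otherparams=P_WST_LAN_IND=1"

    # ASSUMPTION: pages of the application are served under this origin and
    # the requests they trigger reach this same virtual server.
    set app_origin "http://pam.bank.com:9001/"

    # The Referer is supplied by the client, so this is a navigation check,
    # not an access control.
    set referer [HTTP::header value "Referer"]
    # Path only, so a query string on the request does not defeat ends_with.
    set path [string tolower [HTTP::path]]

    if { $referer starts_with $portal } {
        # Entry from the portal dashboard (a query string on the Referer is tolerated).
        if { $path ends_with "/eod" } {
            log local0. "clientIP:[IP::client_addr] accessed [HTTP::host][HTTP::uri]"
            HTTP::redirect "http://10.10.1.51:9001/forms/frmservlet?${params}+P_BANKS_APP_URL=http://10.10.1.51:9001/banks"
            return
        } elseif { $path ends_with "/" } {
            log local0. "Requested path - distribute Round robin"
            HTTP::redirect "http://pam.bank.com:9001/forms/frmservlet?${params}+P_BANKS_APP_URL=http://10.10.1.57:9001/banks"
            return
        }
        # Any other path requested from the portal goes to the default pool.
    } elseif { $referer starts_with $app_origin } {
        # Follow-up request made by an application page (scripts, images,
        # form posts): its Referer is the application, not the portal, so an
        # exact portal match would send it to the login page.
    } else {
        # Missing or unrelated Referer: back to the portal login.
        log local0. "clientIP:[IP::client_addr] sent to login, Referer='$referer'"
        HTTP::redirect $login
        return
    }
}
```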