Forum Discussion

sricharan61's avatar
Nov 19, 2019

How to use an irule to append URI path in the post logon redirect parameter

How to use an irule to append URI path in the post logon redirect parameter. I am using an irule to redirect APM user to azure logout page to get him logged out of azureAD first and then have him come back to the APM. Azure gave us the logout URI that can be used to redirect the user to azure logout, which also has this post_logout_redirect_uri parameter that can be used to redirect the user back to the F5 on a specific URI. The irule i am using is this

 

when HTTP_REQUEST

{ if {[HTTP::uri] contains "/logout-apm"} {

   HTTP::redirect "https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=https://xxx-xxxxxxx.com/includes/logged_out.aspx"}

   }

 

Can I use HTTP::HOST and HTTP::URI parameters inside the post_logout_redirect_uri parameter here to have azure redirect back to the APM hosted instance as the initial request was instead of specifying the exact FQDN and URI specifically.

We are trying to use the same irule to be applied to any VIP that needs it instead of creating more entries under the irule for each specific application logout URI paths and setting new and different conditions for each of those triggers. We could have a lot of those application logout URI paths and also other VIPs which may need similar solution using more irules.

 

Also, If the application is able to set the user to come in with a specific trigger path for logout that includes the post_logout_redirect_uri included, can i just refer the irule to look for the same and only append the same detail to the azure logout URI as well ?

2 Replies