14-Jul-2020 08:30
Hi all
We have request flow: End-user ==(HTTPS)==> F5 (Offload SSL) ==(HTTP)==> App Servers
https://a.b.c.d/ARXAL/AALIndex.jsp
2. App Server return HTTP Code 302, redirect to URL:
http://a.b.c.d:80/ARXAuth/index.jsp?redirectURL=http://a.b.c.d:80/ARXAL/AALIndex.jsp
3.LB return HTTP Code 307, redirect to URL:
https://a.b.c.d/ARXAuth/index.jsp?redirectURL=http://a.b.c.d:80/ARXAL/AALIndex.jsp
4. App Server received request from LB and popup windows with URL:
https://a.b.c.d/ARXAuth/LoginScreen.jsp?redirectURL=http://a.b.c.d:80/ARXAL/AALIndex.jsp&userType=cop
Plz help us.
16-Jul-2020 03:53
Hi Hoang Hung,
If you configured HTTP Strict Transport Security(HSTS) in load balancer or servers, redirection code is 307.
If you want 302 redirect, you can remove hsts header and clear hsts settings in browser.
Clean HSTS: https://www.thesslstore.com/blog/clear-hsts-settings-chrome-firefox/
19-Jul-2020 08:51
Hi eaa
If we use same your solution, we need config on all my people. But it is web sevice provide for user Internet . So we feel that it is not good solution.
Thanks eaa.
Do u know other solution ?