I am configuring the F5 APM to protect the access between two applications. I will use APP-1 and APP-2 terms to explain the scenario that I need to deploy using the F5.
The APP-1 is the main application that users use to access the APP-2. The APP-1 makes a request to a URL to access the APP-2 (URL is HTTP://app-2:9090) and the most important information is APP-1 sends a Cookie value to APP-2 to validade the session and allows the user has access to the application.
The current scenario allows the users access the APP-2 without control, but I need to change this behavior using the F5 APM. So, I did the follow configuration in the F5 APM. I created two virtual servers, one that is running in the port 9090, and the other running in the port 443.
When I did the test using the APP-1 to access APP-2, the request is send to F5 APM in the virtual server (port 9090) and there is a policy to redirect all traffic to the another virtual server (port 443). The APP-1 shown the logon page, after the logon, I can see the APP-2 logon screen. There is a problem, without the initial Cookie value sends by APP-1, I can't logon in the APP-2.
So, I need to find out a way to take the APP-1's cookie and use it when I call the webtop URI to access the APP-2 application.
APP-1 ----> request HTTP://APP-2:9090 and send Cookie value ---> F5 APM's VS IP:9090