First, you WILL need to offload the SSL to the BigIP before you can do this. That doens't mean you have to drop the SSL on the poolmembers, you can always re-encrypt. But without the offload, the BigIP can't see the content (And thus the URI) to do the redirect.
The code
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] starts_with "/ppm" } {
HTTP::uri [string map -nocase {"/ppm" "/adfs/ls/IdpInitiatedsignOn.aspx?loginToRp=https://ppm.3rdparty.com "} [HTTP::uri]] }
}
}
Looks fine at first glance (Logically I dont' see an issue. I haven't verified any syntax or lexically 🙂
Apart from the tolower bit of course... URI's are case sensitive by RFC... They're only case insensitive on windows really... So you're defeating the HTTP spec that says /PPM is a DIFFERENT URI from /ppm. (That's possibly being a bit pedantic of me. But it's how the standards are written. And I love standards).
H