CirrusSOAP HTTPS redirects not working (Postman / SoapUI)
Hello, I am using the Postman application, as well as SoapUI, to test some SOAP requests to an application that is behind our F5 WAF.
When I send SOAP HTTPS POST requests, the WAF handles the request perfectly and all tests pass. However, when I send these requests over HTTP, tests do not succeed and I get an HTTP 500 error. To be clear, I have the default F5 iRule attached to the virtual server to redirect HTTP requests to HTTPS, and it does work. If I make a request to the site through the browser over HTTP, it gets sent to HTTPS.
As another side note of troubleshooting, I have seen old threads that mention the Postman Interceptor Chrome extension being necessary for some API testing. I have installed it, turned it on, and I still get the same issues.
My next step was turning on HTTP Analytics logging and looking at some of these requests to see if I could spot a difference between where we force HTTPS and where we leave it as HTTP. From what I can tell, it looks like every HTTP 500 response shows that it was a GET request... which is wrong, because the tests are configured as an HTTP POST. So to me it seems like the WAF is redirecting the HTTP POST to an HTTPS GET, which is why we get the 500 response code.
Does this sound like anything someone has seen before? Any insight as to why this is occurring is appreciated.
