Jure_48098
Feb 15, 2008Nimbostratus
SSL login redirect
I have a site that I'm tryng to migrate to LTM, that is running HTTP and HTTPS. The login POST always goes to the SSL server. Server then does the auhorisation and returns a HTTP 302 redirect with the Referer URL as the new Locaton (and some new cookie)..
In it's current version, there are some proxies in front of the application server (thar really does the content) and SSL is terminated there.
Now I terminate SSL on the LTM and have only the http proxy in between. The trouble is, that whenever a user logs in, he gets a 302 redirect to the HTTP site, because the server always returns a HTTP redirect (uses just the path part of Referer) and before the SSL proxy took care it remaped that to SSL if needed.
What I'd like to know, is there a way to keep state in an iRule of the Referrer location when the user request arrived and the server issues a response, so I could redirect the ones that have HTTPS referer to HTTPS and leave the HTTP ones as they are..
One other idea that comes to my mind is, to insert a ?ssl or something in the Referer header on the way in and delete it + redirect to SSL on the way out.
What is the best way to handle such an issue?
Thanks
Jure