iRule for Seamless URI Redirection
Hello all,
I am hoping someone can assist in either helping write an iRule or point me to one that has already been written for the below requirement.
The use case is -
A client is using APM to provide internal and external access to Google Mail using SAML SSO and along side this provide external access to a Web Portal resource also via APM. We have configured the internal access to authenticate users with Kerberos (to avoid them having to login with AD creds) and then pass on to Full Resource Assign (SAML SSO for Google Mail). The external access client are required to login via Logon Page/AD Auth and then SAML SSO for Google Mail kicks in.
Requirement -
The client wants to use a URI Landing page function to identify certain URIs at the end of their domain i.e. remote.companydomain.com/mail) and then redirect that to a certain resource to make the user experience as seamless and automated as possible. They have hinted that they would prefer the users not have to click on any resource icons on the webtop and this is where the URI automation comes in.
There is no requirement for the iRule to handle any AAA as this is already working within the VPM using Macros etc.
I have been told by F5 that this is possible with an iRule or two but do not have any skills with iRules. There is an iRule currently configured that is only providing the seamless automation for the SAML SSO for Google Apps but would like to expand on this to include the URI identification and redirection to the relevant resource.
The current iRule is: when ACCESS_POLICY_COMPLETED { Redirect to the Portal Object ACCESS::respond 302 Location "/saml/idp/res?id=/Common/gapps_sso"}
This iRule will be somewhat irrelevant with the new iRule as the above is basically a catch all when the access policy completes with an "Allow" and is only specific for the GAPPS SAML SSO.
So the flow should be something like this:
- domain.com/mail -> AAA -> GMail SAML SSO* domain.com/uri_1 -> AAA -> Internal Portal Resource 1
- domain.com/uri_2 -> AAA -> Internal Portal Resource 2
- domain.com/uri_3 -> AAA -> Internal Portal Resource 3
If anyone can assist, I would be most grateful.
Thanks in advance.
Nick