Landing URI iRule HTTP redirection

Question

Hi all,
I'm working on a small iRule be executed if a user has tried to hit the root uri for a remote access site I am setting up (eg. http://host.co.uk/). The expected behaviour is, if someone hits the root I have a logon page set up with radio buttons to select different domains which have different Landing URI's. The user will select the radio button and a session variable is generate (session.last.logon.domain) which contains the landing URI for that domain. After this the iRule is triggered and they are redirected to the correct uri (eg. https://host.co.uk/blah).
This question has a very similar scenario to myself, but mine is a lot simpler I think since I am only concerned with the redirection and the Landing URI VPE object which is before this performs the required logic to filter out the legitimate requests, meaning the iRule has no need to analyze the URI, since the iRule trigger will be the 'fallback' of the Landing URI object.
Here is my current iRule...
when ACCESS_POLICY_AGENT_EVENT {
    set path [ACCESS::session data get session.logon.last.domain]
    ACCESS::session remove
    HTTP::redirect "https://host.co.uk/$path/"
}

The current behaviour when I go down the path to trigger this iRule is that it seems to go back to the landing page "/my.logon" with a dead screen. Pretty much what you'd expect when "ACCESS::session remove" is triggered, but the redirection is not occurring.
Any ideas?

shopkeeper56_23 · Accepted Answer

Managed to solve the issue without the iRule or Variable assignment to session.server.landinguri.&nbsp;
All I needed to do was created a Redirect ending and it performs the redirect to the beginning of the policy with the desired uri appended to the end and closes the existing session.&nbsp;
Perfect!&nbsp;
&nbsp;

ekaleido · Answer

Why are you doing a redirect in that event as opposed to HTTP_REQUEST?&nbsp;

lucas_thompson_ · Answer

You don't need any irules to do this.&nbsp;
APM sets a variable called "session.server.landinguri" that contains the URI that the client requested at the very start of the session. At the end of the session (in LTM+APM mode), it will redirect to that URI. And you can override this session variable by just setting it to whatever you want.&nbsp;
The irule you've got isn't really the best way to do it. You don't need to remove the session and redirect the user, instead just set session.server.landinguri and the user will be automatically redirected once the policy is complete.&nbsp;

shopkeeper56_23 · Answer

I see what your saying. Sounds a lot simpler. I will test this when I'm back at my desk and report back.&nbsp;

shopkeeper56_23 · Answer

Lucas - So I tried your method. I have a logon page with radio buttons to determine the uri to redirect to. The after this step I perform a variable assign to session.server.landinguri which then leads to the end of the policy with an allow. I can see the uri is being applied but the page fails to load. Do I need to configure some kind of apm session restart as part of this process?

shopkeeper56_23 · Answer

I figured out how to do it! See Answer&nbsp;

Forum Discussion

Landing URI iRule HTTP redirection

6 Replies

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Landing URI Branch Rule

RegEx on Landing URI

iRule assistance for subfolder redirect

Redirection with datagroup and irule

iRule redirect based on hostname