NimbostratusHi, i need to redirect http requests. I do something like HTTP::redirect https://site.example.com[HTTP::uri] Its ok for http method get but POST its not OK. The http request client (method POST) is a jboss server that is trying to access a web service. What is the better solution for this scenario? Thanks
EmployeePerhaps one of the best way to do this is with a 307 redirect. It isn't honored by all browsers, but is intended to preserve the original HTTP method.
when HTTP_REQUEST {
if { [HTTP::uri] equals "/" } {
HTTP::respond 307 Location "https://site.example.com[HTTP::uri]"
}
}
The JBOSS server probably does not understand a redirect because it is not a browser.
Use encryption on the backend. In other words, accept the traffic as HTTP and forward it as HTTPS. You accomplish that by adding a serverssl profile to the virtual server accepting unencrypted traffic.
This also means that you will be using the same backend pool for both Virtual servers.
By the time you get the POST request, the POST data already traveled in the clear on its way to the BigIP. You may as well just forward it to the backend.
Nimbostratus
AltostratusThere might be a bigger question here: why is the service requiring SSL? If this is a legal, corporate, or industry requirement it may expose the company to legal risks if you allow the JBOSS server to use HTTP.
