Forum Discussion

DB's avatar
DB
Icon for Nimbostratus rankNimbostratus
Mar 25, 2010

Changing 403 to a 302 response based in incoming User-Agent?

We have uncovered an unexpected 'feature' in Microsoft SharePoint that's causing us some problems. Specifically, if SharePoint detects a non-browser client attempting to access a secured page on a site using Forms Authentication, it will return a 403 response rather than the normal 302 redirection to the forms logon page.

 

 

The problem is, SharePoint's definition of a non-browser client is anything without 'Mozilla' in the User-Agent string. And unfortunately, many of the mobile browsers on the market don't send 'Mozilla' anywhere in their UA string. I am wondering if this is something I can take care of in LTM. If the server is attempting to send a 403 response to the client and if the client's UA string does not contain 'Mozilla', I would like to modify that response to be a 302 redirection to the logon page (/_layouts/login.aspx?ReturnUrl=.

 

 

Is there a way I can tie a request coming in that doesn't have Mozilla as the user agent and wait for the response to see if it's a 403 and then do the redirect using an iRule?

 

 

DB.
application delivery
dev
devops
iRules

1 Reply

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Mar 25, 2010
    Hi DB,

     

     

    I think there is an MS hotfix for this. If that hotfix doesn't look correct, it might be easier to just insert mozilla in the user-agent string if it's not there already. Or you could implement the logic you've described. Let us know whether you want some example iRules.

     

     

    You cannot view a forms-based authentication Windows SharePoint Services 3.0 site if you have Office Live Update 1.2 for Microsoft Office Live Workspace installed

     

    http://support.microsoft.com/kb/972535/

     

     

    Aaron