CSA
Feb 17, 2009Nimbostratus
Redirections HTTP to HTTPS (for login) to HTTP (for usage)
Hello all,
We use BigIPs for many applications used over a WAN. Our WAN has some boxes to compress/accelerate HTTP traffic, but they can't do it with HTTPS. We don't want to send the login/password in clear text over the network, so we want to use HTTPS for this.
So we would like to use the BigIPs like this :
- if someone use http (and is not logged in), redirect him to https
- each time someone has to authenticate, https is compulsory.
- once the authentication is done, use HTTP
What is the best way to do this ?
Is it this one :
- irule to redirect http to https when the application shows the login page (it shows it each time the user wants to load a protected page : this is handled by the application itself)
- irule to redirect https to http when it's not the login page (meaning the user is already authenticated from an application point of view)
Is there a smarter way ? Is it ok or the BigIP session mechanism ?
And second question : some applications just change the content to ask for the credentials, but the page name can be anything: is it possible to check in the content of the page for some strings and are the ressources used to do this acceptable ?
Thanks !
--
LB