Forum Discussion
Frank_Schuhmach
Nimbostratus
After several tests it seems that the ASM cannot work with wildcards or regex in the expected validation header name and value field. So i found a solution writing iRule inserting an additional header in the server response. The iRule inserts the header before the ASM inspects the response. ASM now checks Expected validation header name and value field for "Login: succeeded"
when HTTP_REQUEST {
check if request is /shop/login.do , setting is_logon as flag
if { [HTTP::uri] equals "/shop/login.do" } {
set is_logon true
} else { set is_logon false }
}
when HTTP_RESPONSE {
check if response is a Redirect and my flag is_logon set
if { [HTTP::is_redirect] && $is_logon } {
if { [HTTP::header Location] ends_with "/shop/viewLoginForm.do" } {
HTTP::header insert Login failed
}
elseif { [HTTP::header Location] ends_with "/shop/viewUserHome.do" || [HTTP::header Location] ends_with "/shop/initiateOrder.do" } {
HTTP::header insert Login succeeded
}
}
}
David_Martin
Mar 21, 2019Nimbostratus
Great idea!, thanks for sharing