I´ve changed a little the scope of the irule, instead of encrypt/decrypt de URI, I create a cookie (encrypted) to control the access of a specific pool.
In the default pool, the application already has an authentication control, but the other pool is called by de default one and has no user session or any type of control, so without the irule any internet user could access the application. the last version of the irule is listed below:
when RULE_INIT {
set ::cookiename "JSESSIONKEY"
set ::aeskey [AES::key 128]
}
when HTTP_REQUEST {
set collect_payload 1
set http_query [findstr [HTTP::query] "key=" 4 end]
set http_uri [string tolower [HTTP::uri]]
if { [HTTP::cookie exists $::cookiename] } {
set collect_payload 0
}
if { $collect_payload } {
Sem Chunk
if { [HTTP::version] eq "1.1" } {
if { [HTTP::header is_keepalive] } {
HTTP::header replace "Connection" "Keep-Alive"
}
HTTP::version "1.0"
}
}
if { $http_uri starts_with "/pool_to_protect" } {
if { [AES::decrypt $::aeskey [b64decode [URI::decode [HTTP::cookie value $::cookiename]]]] eq $http_query } {
pool pool_protected
} } elseif { $http_uri starts_with "/default_pool"} {
pool pool_default
}
}
when HTTP_RESPONSE {
if { $collect_payload } {
Coletar Content_length ou setar em 1 MB
set clen [HTTP::header Content-Length]
if { not [info exists clen] or "" eq $clen } {
set clen 1000000
}
HTTP::collect $clen
}
}
when HTTP_RESPONSE_DATA {
if { $collect_payload } {
set chave [findstr [HTTP::payload] "key = " 7 "'"]
if {[string length $chave] > 1 } {
HTTP::cookie insert name $::cookiename value [URI::encode [b64encode [AES::encrypt $::aeskey $chave]]] path "/" domain "www.domain.com"
}
}
}
thanks for everyone for the help and tips.