Forum Discussion

tfinkelstein's avatar
tfinkelstein
Icon for Nimbostratus rankNimbostratus
Jul 24, 2023
Solved

Irule Example Issue

Need help , i have F5 that i create i rule from www.web.com/ to redirect to www.web.com/login , After user login he need to be redirected to www.web.com/home.

I tried 2 IF on irule nothing work once i add additional rule after login its not working

application delivery
  • Paulius's avatar
    Paulius
    Jul 25, 2023

    tfinkelstein Does the end user receive any sort of cookie once they have successfuly logged into the system? If so you can configure an iRule to redirect to /login when only / is found and when a specific HTTP header such as a login cookie isn't in the HTTP header but if it is then just send the user to /home. Please keep in mind that the F5 would not be validating the HTTP header value against any sort of user login even and would just be a search for value and perform said action. It would be up to the receiving server to validate that the user did log in and the HTTP value they provide is for the user session.

  • whisperer's avatar
    whisperer
    Jul 25, 2023

    Paulius has a good point, if you know the name of the cookie being set by the application upon successfull login, you have have logic similar to the following:

    when HTTP_REQUEST {
  if { [HTTP::uri] equals "/" }
    HTTP::redirect "https://[HTTP::host]/login"
  }
  if { [HTTP::cookie exists "nameofcookie"] } {        
    HTTP::redirect "https://[HTTP::host]/home"       
  }        
}

3 Replies

Sort By
  • Paulius's avatar
    Paulius
    Icon for MVP rankMVP
    Jul 25, 2023

    tfinkelstein Does the end user receive any sort of cookie once they have successfuly logged into the system? If so you can configure an iRule to redirect to /login when only / is found and when a specific HTTP header such as a login cookie isn't in the HTTP header but if it is then just send the user to /home. Please keep in mind that the F5 would not be validating the HTTP header value against any sort of user login even and would just be a search for value and perform said action. It would be up to the receiving server to validate that the user did log in and the HTTP value they provide is for the user session.

    • whisperer's avatar
      whisperer
      Icon for MVP rankMVP
      Jul 25, 2023

      Paulius has a good point, if you know the name of the cookie being set by the application upon successfull login, you have have logic similar to the following:

      when HTTP_REQUEST {
  if { [HTTP::uri] equals "/" }
    HTTP::redirect "https://[HTTP::host]/login"
  }
  if { [HTTP::cookie exists "nameofcookie"] } {        
    HTTP::redirect "https://[HTTP::host]/home"       
  }        
}
  • whisperer's avatar
    whisperer
    Icon for MVP rankMVP
    Jul 25, 2023

    You can do the 1st redirect easily. I would actually suggest a Local Traffic Policy instead. However, the login page, where is that being performed? Application server or F5 APM session policy? If on the app server, you would need to perform the redirect there and not on the F5.