Hi Guys,
I know this topic is quite some days old, but I have some strange behavior in a similar setup. The LB should just be used to proxy two RSA servers to be reachable from the Internet.
The strange thing is, when accessing for example /console-selfservice/ directly on the server I get a webpage displayed. Trying the same URL via the LB I'm ending up in a redirect-loop. I found out that doing a HTTP/1.0 request on the commandline of the LB towards the server I also get the correct page as response. But doing a HTTP/1.1 - using either public DNS, server DNS or serverIP - I'm ending up in the redirect-loop again.
Btw. the redirect-loop is not between two URIs, but always the same URI just adding the jsessionid again and again.
Right now I've implemented the following iRule with that the application seems to work:
when HTTP_REQUEST {
HTTP::header remove Host
HTTP::version "1.0"
}
when HTTP_RESPONSE {
if { [HTTP::header exists Location] } {
HTTP::header replace Location [string map -nocase {"" "" ":7004" "" "//:7004" "//"} [HTTP::header Location]]
}
}
The last mapping is required, because when doing a login on URI /console-ims/ the server respond with a redirect containing an empty Host-header.
I'm not an application expert, especially not for RSA, but I'm wondering if this is related to a wrong server configuration or if I have to do a special configuration on the LB (currently I expect the first one).
Anyone an idea where and what I can look for?
Thank you!
Ciao Stefan 🙂