20 Lines or Less #84: iRule Solutions for Basic Auth, Host Rewrites, and Conditional Redirects

What could you do with your code in 20 Lines or Less?

That's the question we like to ask from, for, and of (feel free to insert your favorite preposition here) the DevCentral community, and every time we do, we go looking to find cool new examples that show just how flexible and powerful iRules can be without getting in over your head. Thus was born the 20LoL (20 Lines or Less) series many moons ago. Over the years we've highlighted hundreds of iRules examples, all of which do downright cool things in less than 21 lines of code.

Basic Authentication for Specific Page


Shout out to member Yossi, who came to the table with code in hand trying to protect a specific page with basic authentication. Community stalwart nitass walked Yossi through the final pieces to this workable solution.


  if {not ([string tolower [HTTP::uri]] contains "somepage.jsp")} {
  binary scan [ md5 [HTTP::password]] H* password
  if { [class lookup "[HTTP::username]" authorized_users] equals $password } {
    log local0. "User [HTTP::username] has been authorized to access virtual server [virtual name]"
  } else {
    if { [string length [HTTP::password]] != 0 } {
      log local0. "User [HTTP::username] has been denied access to virtual server [virtual name]"
    HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\""

Stream Rewriting


Member Joseph has a need to mock production in an internal environment, and sought out some help wrapping up his iRule to rewrite the host in both directions between client and server. Several members contributed to what Joseph posted back as a final solution.


  HTTP::header remove "Accept-Encoding"
  log local0. "Host: [HTTP::host]"
  if { [string tolower [HTTP::host]] equals "www.abc.com.int.xyz.com"} {
    HTTP::header replace "Host" "www.abc.com"}
    pool POOL1
    log local0. "Setting Pool: POOL1"
  if {[HTTP::header value Content-Type] contains "text"}{
    STREAM::expression {@www.abc.com@www.abc.com.int.xyz.com@@www.def.com@www.def.com.int.xyz.com@}

Conditional Redirects on Hostname


David had a list of requirements to solve, and one was to send traffic to default pool for some domains but redirecting to SSL otherwise. The switch is a good conditional to use in this case, you can chain multiple hosts to one action. Power user nathan provided a nice solution to David’s requirements.


    # Save the name of the VS default pool
    set default_pool [LB::server pool]
  switch [string tolower [HTTP::host]] {    
    "www.domain-a.de" -
    "www.domain-b.de" -
    "www.domain-c.de" { 
       # send these to default pool
       pool $default_pool 
    default { HTTP::redirect "https://[HTTP::host][HTTP::uri]" }
Published Jan 07, 2015
Version 1.0

Was this article helpful?

No CommentsBe the first to comment