Forum Discussion

pgranere_71831's avatar
pgranere_71831
Icon for Nimbostratus rankNimbostratus
Sep 01, 2010

need help with irule for magento shopping cart

I'm hoping some kind f5 guru will help me out. We are using magento for our shopping cart solution, our F5's are running 9.1.2 and handling ssl. I'm only I need help writing a irule, when someone goes to our site (im not sure if am allowed to post our url here) they click an item they want when they are done shopping and want to continue to checkout it asks them to login once they login it goes to like an account dashboard, it used to not do this when we served the ssl on the severs. It would just allow them to continue with the checkout process. Would someone be willing to take some time to assist me? I have contacted the F5 ondemand i haven't heard back yet.
application delivery
dev
devops
iRules

5 Replies

Sort By
  • Chris_Miller's avatar
    Chris_Miller
    Icon for Altostratus rankAltostratus
    Sep 01, 2010
    I assume your backend systems are deciding that because the F5 is sending cleartext data to them, the user must not be logged in. You can either re-encrypt the data using a server-ssl profile, or you can reconfigure the backend system.
  • Chris_Miller's avatar
    Chris_Miller
    Icon for Altostratus rankAltostratus
    Sep 02, 2010
    Is something in the magento code automatically sending them to their profile? When it redirects them to their account profile, is it doing so over HTTP or HTTPS? I have a feeling magento might not like seeing cleartext login data...
  • L4L7_53191's avatar
    L4L7_53191
    Icon for Nimbostratus rankNimbostratus
    Sep 02, 2010
    I'm not familiar with this product, but I suspect that Chris is on to something here. Without seeing some of the specifics of this application (HTTP headers, for example) it's a little hard to say for sure though.

     

     

    It's common for app servers to dynamically build redirects based on the request port numbers. Since BigIP translates this when terminating SSL, the app server can sometimes make poor assumptions about where it's supposed to send users. The good news is that most of them give you some provision to tell the app server that it's behind a proxy device, which will usually help matters.

     

     

    -Matt
  • pgranere_71831's avatar
    pgranere_71831
    Icon for Nimbostratus rankNimbostratus
    Sep 02, 2010
    without meaning to advertise or anything the site is www.citydeals.com when you add something to your cart go to checkout, it will then ask you to login after you register (doesn't require credit card) go through this process again login and it takes you to an account profile page, we have told magento to disable this feature and allow them to continue the checkout process and this is supposed to work, however, it doesn't. when you go to the checkout process it is https. so basicly we want them to login and then just send them back to the checkout process like we have told it to.. i'm sure its probably a ssl issue since the f5's are doing the ssl offloading we did not see this issue when the actual apache servers where handling it. if this is a continual issue with magento i think we may have to go back to having ssl being handled by the servers. If this is the case how difficult is it to remove ssl handeling from the lb and have it pass through to the apache servers. I'm new at the F5's so forgive me for being a noob. i greatly appreciate your help.
  • Chris_Miller's avatar
    Chris_Miller
    Icon for Altostratus rankAltostratus
    Sep 02, 2010
    Right now, you have an HTTPS VS with client-ssl profile and pool members listening on port 80. You need to create a pool with pool members listening on 443, and from your HTTPS VS, use that as a default pool while also removing your client-ssl profile.

     

     

    You could also enable a server-ssl profile to re-encrypt data between the F5 and the servers to see if that fixes the problems.