Forum Discussion

Nimbostratus

Jul 29, 2017

Redirect after APM completes to original uri

Greetings F5 Guru's! I have a bit of a dilemma we would like to preserve the landinguri for users for a specific site, and after successful authentication redirect them to the original uri they requested. This seems like it would be easy but I have been working on it for days and cannot seem to get the right combination of events etc...

Any help / tips / ideas would be greatly welcomed and appreciated - here is the irule:

using ACCESS_SESSION_* events to keep it from firing more that once only want to control the initial redirect out of the policy Also tried ACCESS_SESSION_COMPLETED

when ACCESS_SESSION_STARTED {

`set landing_uri [ACCESS::session data get "session.server.landinguri"]

log local0. "iRULE REDIRECT STARTING"

 store original server name

set landing_server [ACCESS::session data get "session.server.network.name"]

log local0. "Current host: $landing_server"

 NOTE: if block was trying to use HTTP::host - not valid TCL errors

if { $landing_server equals "some.site.com" } {

ACCESS::session data set session.server.landinguri $landing_uri

 NOTE: tried to use HTTP::redirect and also tried to set location

 Cannot seem to use HTTP within this context

} else {

log local0. "iRULE REDIRECT DID NOTHING - No match for site"

Comments are left in for debug, I can see its trying to work, since I cannot seem to use HTTP options like redirect or uri - I cannot seem to get it done.

Any ideas? Thanks for your time and consideration!

14 Replies

Yann_Desmarest_
Nacreous
Aug 01, 2017
Hi,

Sorry, I'm missing something. By design, APM redirect the user to the session.server.landinguri after APM policy completed.

Can you explain a little bit more your need ?

Bye

Yann
- JdTokenRing_173
  Nimbostratus
  Aug 01, 2017
  Thanks for the interest firstly! I want to change the session.server.landinguri to the uri they originally landed on F5 with. So if a user hits the f5 with /documents/somedoc.pdf I would like to store it and then send them to it after authentication. I thought the landinguri was the var that stored that initial landing not where apm sent them.
  
  So would it be as simple as creating a custom VAR in my policy that stores this initial value and then queue this irule to send them to there instead of the configured landinguri?
  
  so that initial block would read
  
  when ACCESS_SESSION_STARTED {
  set landing_uri [ACCESS::session data get "session.user.customvaruri"]
  
  So that would cause the set of the landing_uri later to successfully send them where they needed to go? Also should I use ACCESS_SESSION_COMPLETED instead of STARTED?
  
  Many thanks!
- Yann_Desmarest_
  Nacreous
  Aug 01, 2017
  Hi,
  
  The session.server.landinguri is filled with the very first request the user do to your application. So, this var should be good for your need.
  
  I used to modify session.server.landinguri to redirect users to a specific location after authentication complete. So, you can used it as well. The only exception is if you are using Multi-domain SSO configuration, it's a little bit harder.
  
  Yann
- JdTokenRing_173
  Nimbostratus
  Aug 01, 2017
  So then setting the landinguri after the if block really does nothing. I should use another method like HTTP::redirect? except if I use that I get TCL runtime errors about not being having a valid context.
  
  Given the above, how would you redirect after login?
  
  Many thanks for your time!!
Yann_Desmarest
Cirrus
Aug 01, 2017
Hi,

Sorry, I'm missing something. By design, APM redirect the user to the session.server.landinguri after APM policy completed.

Can you explain a little bit more your need ?

Bye

Yann
- JdTokenRing_173
  Nimbostratus
  Aug 01, 2017
  Thanks for the interest firstly! I want to change the session.server.landinguri to the uri they originally landed on F5 with. So if a user hits the f5 with /documents/somedoc.pdf I would like to store it and then send them to it after authentication. I thought the landinguri was the var that stored that initial landing not where apm sent them.
  
  So would it be as simple as creating a custom VAR in my policy that stores this initial value and then queue this irule to send them to there instead of the configured landinguri?
  
  so that initial block would read
  
  when ACCESS_SESSION_STARTED {
  set landing_uri [ACCESS::session data get "session.user.customvaruri"]
  
  So that would cause the set of the landing_uri later to successfully send them where they needed to go? Also should I use ACCESS_SESSION_COMPLETED instead of STARTED?
  
  Many thanks!
- Yann_Desmarest
  Cirrus
  Aug 01, 2017
  Hi,
  
  The session.server.landinguri is filled with the very first request the user do to your application. So, this var should be good for your need.
  
  I used to modify session.server.landinguri to redirect users to a specific location after authentication complete. So, you can used it as well. The only exception is if you are using Multi-domain SSO configuration, it's a little bit harder.
  
  Yann
- JdTokenRing_173
  Nimbostratus
  Aug 01, 2017
  So then setting the landinguri after the if block really does nothing. I should use another method like HTTP::redirect? except if I use that I get TCL runtime errors about not being having a valid context.
  
  Given the above, how would you redirect after login?
  
  Many thanks for your time!!