iRule question

Question

for one of the application using SAML for authentication. F5 is pass through for authentication, no apm policy applied&nbsp;
requirement is as below.&nbsp;
SSO should be enabled if already login into enterprise applications. (thinking of using MRHsession cookie, not sure though)If user is accesing application from office laptop (where already login into corporate network using AD ntlm) access should be seamless.For other users it should go to /public login page

brad_parker · Answer

Will something like this possibly work for you?
when HTTP_REQUEST {
    check for session cookie and forward on to pool if exists
    if { HTTP::cookie exists MRHsession }{
        return
    }
    if no session cookie check is client is on the corporate network and forward on to pool if yes
    elseif { [IP::addr[IP::client_addr] equal 10.0.0.0/8] }{
        return
    }
    if no session cookie or not on the corporate network redirect to the public login page
    else {
        HTTP::redirect "http://[HTTP::host]/public"
    }
}

Forum Discussion

iRule question

1 Reply

Recent Discussions

F5 Rseries R2600 Tenant sizing

iRule help masking IBM host URL/URI

Need advise to setup a policy on F5

Advise on setting up IRULE

Help with URL Masking

Related Content

irule redirect question

Question about irules and Virtual servers and caching of irules

Standalone BIG-IQ Upgrade Question

question of limitation and expiration for rest api token

SNAT question