NimbostratusHTTP redirect within an ACCESS_POLICY_AGENT_EVENT
Hi,
Im trying to create an iRule for the following case:
Registered users log in with a specific path (/login) and have their usernames sent in a query string to APM, APM auto-fills the login page with that username. This I've successfully implemented, but the problem I have is with error handling.
If an unregistered user accesses the /login -path or the query string is empty, they need to be redirected to a default APM site where they register. Im trying to do ACCESS::session remove and then a redirect to [HTTP::host]. So far I'm getting the following error message in ltm log:
http_process_state_prepend - Invalid action EV_TCL_CLOSE during ST_HTTP_PREPEND_HEADERS
Also I did some logging and noticed that the [HTTP::host] command returns an empty value
I also tried forcing the redirect to google.com, but the same error pops up.
So basically I want to allow access to users who connect with https://example.com/login&usrname=XXXXX (this is working), and redirect users who connect with https://example.com/login or /login&usrname= (empty value) to an registration site (APM default site)
Any ideas how to fix or a workaround?
My current iRule:
when ACCESS_POLICY_AGENT_EVENT {
if { [ACCESS::policy agent_id] eq "registered" } {
set path [ACCESS::session data get session.server.landinguri]
set name [URI::query $path "usrname"]
set host [HTTP::host]
log local0. "Path: $path"
log local0. "Query: $name"
log local0. "Host: $host"
if { $path starts_with "/login" } {
ACCESS::session data set session.user.uri $path
if { $name ne "" } {
ACCESS::session data set session.logon.last.username $name
}
else {
ACCESS::session remove
HTTP::redirect "https://$host"
}
}
}
}
-Eero
