Forum Discussion

Greg_130338's avatar
Greg_130338
Icon for Nimbostratus rankNimbostratus
Mar 26, 2014

http 302 redirect

Hey all, getting further in my sharepoint implementation. I am hitting a snag with the http redirects coming from my internal sharepoint server. it's telling the client to redirect to https://mysite.domain.com/default.aspx via a http 302 response but the URI is not making it back to the client. This makes the client just load the root page which is the IIS default welcome page.

 

I was reading some things about redirect rewrites and the options provided there but none of those changed the result. Now I can explicitly type in /default.aspx to get to the sharepoint welcome page and it works just fine, the redirect just does not make it through the F5. Any ideas?

 

-GR

 

  • gbbaus_104974's avatar
    gbbaus_104974
    Historic F5 Account

    Hi

     

    What is your IIS default page name on you IIS server ? Is it 'index.html' ?

     

    Cant you just tell your IIS server that if someone asks for "/", then serve up "default.aspx"

     

    If that does not work/help and you want to use iRules, then you could certainly have a rule that says "if client asks for / , then serve /default.aspx"

     

    Did you use HTTPWatch or HTTPFox to verify the client browser does not get the redirect to /default.aspx ?

     

    I was wondering how you knew it was coming from the server, but not making it to the client ?

     

    • Greg_130338's avatar
      Greg_130338
      Icon for Nimbostratus rankNimbostratus
      I know it's set as the default page bc I can access the we page directly without going through LTM. I received the redirect to the correct URI /default.aspx (verified the redirect string with a packet capture). Accessing the same website via LTM does not send me to that page, just the default IIS page.
  •  when HTTP_REQUEST {
    if { [HTTP::uri] equals "/" } {
    HTTP::redirect "https://[HTTP::host]/default.aspx"
    }
    

    }

    • Greg_130338's avatar
      Greg_130338
      Icon for Nimbostratus rankNimbostratus
      I think I tried that before but since I'm using APM there are quite a few http requests/responses before I get to the actual back end sharepoint page. I'm not sure what event I would have to trigger on one the user has completed authentication to update the URI string with a rewrite.
  • gbbaus_104974's avatar
    gbbaus_104974
    Historic F5 Account

    Ok .. APM changes things.

    There are a lot or redirects that take place, and the standard HTTP_REQUEST events are not always going to fire as expected as there is some "hidden stuff" happening on the VIP that you don't get exposure to.

    See HIDDEN EVENTS at

    https://devcentral.f5.com/articles/http-event-order-access-policy-manager.UzNOCc_NvX4

    Hidden Events

    For APM internal URIs, like /my.policy and /my.logout, the HTTP_REQUEST/HTTP_RESPONSE events don’t fire as you would expect beginning in v11.x. ..... However, with APM, if you require access in your iRules to these internal URIs, you can use the ACCESS::restrict_irule_events command in the CLIENT_ACCEPTED event to expose them. An example:

    Hidden Events

    when CLIENT_ACCEPTED {
         ACCESS::restrict_irule_events disable
     }
    
     when HTTP_REQUEST {
       if { [HTTP::uri] ends_with "/my.logout.php3?errorcode=19" }{ 
          HTTP::redirect "/"
        }
     }
    

    You need a full HTTP Watch trace to see what is going on

    • Greg_130338's avatar
      Greg_130338
      Icon for Nimbostratus rankNimbostratus
      Ok I will give that a shot then thanks! Are we saying then that the expected behavior of the sharepoint site returning the URI to the welcome page through LTM+APM is to not properly direct the client to the right page without irule customization?
  • gbbaus_104974's avatar
    gbbaus_104974
    Historic F5 Account

    No, Im saying if you do need an irule, then you may need to use the "ACCESS::restrict_irule_events disable" command.

     

    You need a HTTPwatch (or HTTPFox in Firefox ... which is free) to see all the redirects, etc to fully understand where the "redirect gremlin" is.

     

    • Greg_130338's avatar
      Greg_130338
      Icon for Nimbostratus rankNimbostratus
      Gotcha. Well as of this morning everything is working perfectly without modification...sooooo I'm not sure what is different. maybe I was dealing with some caching on the BigIP when the IIS page was being delivered prior to the AAM's being configured? In either case, all is well. I appreciate the insight into the iRules though.