Hi

I would like to have a client request to http://www.example.com/ hit the ACE and then the request be rewritten to that the rservers get a request instead of http://www.example.com/blah.

Note that the client should not see any change in their browser (transparent to the user).

Just to clarify, such a scenario is only possible using the A2 version of the ACE software?

Thanks guys

URL rewrite is not available on ACE module yet. Its not possible to rewrite the URLs.

Only Header rewrite is available where you can manipulate header values.

So its possible rewrite the "HOST" value in http request from "www.example.com" to "www.example.net", but you cannot rewrite the uri.

Only available option is to send HTTP Redirect

302 to client. Which will not be transparent to the client.

Syed Iftekhar Ahmed

could you please tell me how to redirect the URL?

is it through redirect real servers and webhost command?

ok is there any wayt to change the url from http tp https ?

If you want to retain the hostname & Path in user's Http request then %h (for host) & (%p for path) can be used. Following is a simple example to achieve that

rserver redirect HTTP-TO-HTTPS

webhost-redirection https://%h%p 301

inservice

serverfarm redirect HTTP-To-HTTPS-SF

rserver REDIRECT-TO-HTTPS

inservice

class-map match-all REDIRECT

2 match virtual-address 1.2.3.4 tcp eq http

policy-map type loadbalance first-match REDIRECT-POLICY

class class-default

serverfarm HTTP-To-HTTPS-SF

policy-map multi-match WEB-TRAFFIC

class REDIRECT

loadbalance vip inservice

loadbalance policy REDIRECT-POLICY

loadbalance vip icmp-reply

url rewrite is available on the module in version 2.1.1

ie:

action-list type modify http SSL-Rewrite

ssl url rewrite location ".*"

Hi,

Do you have any tips on getting this working? The config and example on support seems easy enough but I don't get any hits on the stats http for rewrite. I am using SSL termination on the ACE module which is working fine, clear text at the back end. When the back end server sends a redirect as HTTP I need the module to change it to HTTPS but I just cant get it working. I am using non-standard ports (but the same port on each side), so my command is ssl url rewrite location ".*" ssl-port yyyy clearport yyyy.

Does the layer 7 policy need to be type loadbalance http? Again, I've tried both loadbalance generic and http.

Thanks for your help.

There is a known defect related to the Location filed. If this is not spelled exactly like above, we don't catch it.

It might then be necessary to do your own rule to catch the exact field header sent by your server and do your own rewrite.

CSCsu01728

ACE: Regex: HTTP header field name should be case insensitive

Workaround:

Configure a header replace function that will match exactly the field name sent by the server.

ie:

header rewrite response location header-value "http://(.*)" replace "https://%1"

Thanks for the response. I think my issue may not be the ACE but just the way the app is coded - i dont think the app is actually sending a clear-text redirect, but rather the navigation buttons that the client uses are to non-https URLs.

I cant get a sniff of the underlying requests and reponses to verify this yet though which doesnt help.

If i get the traces, i take it that i could just match on the various URLs, and set up a redirect to each URL as HTTPS rather than HTTP? Obviously a better solution is to change the app...

Thanks a lot.

You need to know, that ACE is performing header rewrite just for the first HTTP request or response. To do rewriting for each request(response) you should use "header modify per-request" in HTTP parameter map, and attach that parameter map to needed class in global policy.

parameter-map type http HTTP_PARAM_MAP

header modify per-request

action-list type modify http HTTP_Resp-2-HTTPS_Resp

header rewrite response Location header-value "http://(.*)" replace "https://%1"

policy-map type loadbalance http first-match TEST_POLICY

class TEST_HTTP_NORMAL_MAP

serverfarm test_farm

action HTTP_Resp-2-HTTPS_Resp

policy-map multi-match GLOBAL_POLICY

class TEST_L4

loadbalance vip inservice

loadbalance policy TEST_POLICY

loadbalance vip icmp-reply

appl-parameter http advanced-options HTTP_PARAM_MAP

ssl-proxy server TEST_SSL_PROXY