Skip to content

Instantly share code, notes, and snippets.

@raitisd

raitisd/webapp-slv.md

Created May 7, 2018 14:17
Show Gist options
  • Save raitisd/531f2f92d543fd5059b245e9e3b2ef58 to your computer and use it in GitHub Desktop.
Save raitisd/531f2f92d543fd5059b245e9e3b2ef58 to your computer and use it in GitHub Desktop.
Download ZIP
Main UM LB config for webapp slv
Raw
webapp-slv.md

Main website - (webapp slv)

Services included (ltm virtual)

  • ltm virtual /avenso/avenso-slv-ww-web-http-vip
  • ltm virtual /avenso/avenso-slv-ww-web-https-vip

Rules

Common rules

  • /Common/letsencrypt-acme-challenge
  • /Common/HTTP-2-HTTPS-REDIRECT
  • /Common/X-FORWARDED-FOR
  • /Common/X-FORWARDED-PROTO

HTTP basic auth

ltm rule /avenso/http_basic_auth {
    when HTTP_REQUEST {
binary scan [ md5 [HTTP::password]] H* password

if { [class lookup "[HTTP::username]" authorized_users] equals $password } {
#log local0. "User [HTTP::username] has been authorized to access virtual server [virtual name]"

# Insert iRule-based application code here if necessary
} elseif { ( [HTTP::method] equals "OPTIONS" ) } {
    # allow
  }
else {
if { [string length [HTTP::password]] != 0 } {
log local0. "User [HTTP::username] has been denied access to virtual server [virtual name]"
}

HTTP::respond 401 WWW-Authenticate "Basic realm=\"Secured Area\""
}

}
}

Crossdomain xml file

ltm rule /avenso/crossdomain {
    when HTTP_REQUEST {
      switch [HTTP::uri] {
         "/crossdomain.xml" { HTTP::respond 200 content [ifile get "/avenso/crossdomain"] }
      }
   }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment