exchange 2010 aflex

Posted by brunov

I would like to use a single virtual ip address for exchange access and still be able to use cookie persistence for owa and ews, rewrite the owa uri, and be able to split my services later by sending them to different service groups. Do you see any issues with the following aflex?

Code:
when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/ews*" { set cookie 1 ; pool CAS-80 ; return } "/rpc*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/microsoft-server-activesync*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/owa*" { set cookie 1 ; pool CAS-80 ; return } "/oab*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/public*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/rpcwithcert*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/autodiscover*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/powershell*" { persist uie [IP::client_addr] ; pool CAS-80; return } } if { not([HTTP::uri] starts_with "/owa")} { HTTP::uri /owa[HTTP::uri] set cookie 1 pool CAS-80 } }

when HTTP_RESPONSE {
if { not($cookie == 1) } {
persist add uie [IP::client_addr] 1800
}
}

this aflex is assigned to a virtual doing SSL termination with cookie persistence.

Comments

  • edited July 2022
    Posted by ddesmidt

    Hi Bruno,

    I tested your aFleX quick.
    Works pretty well 

    I've just changed a couple of things:
    . Since 2.6.1, you don't need to do the "persist add uie" in the response side. If in the request side you hit a "persist uie" and there is no entry, aFleX will automatically create the entry for you in the response.
    . I think you want to add "owa" only if the request is "/"

    Here is the aFleX I tested:

    Code:

    when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/ews*" { set cookie 1 ; pool CAS-80 ; return } "/rpc*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/microsoft-server-activesync*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/owa*" { set cookie 1 ; pool CAS-80 ; return } "/oab*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/public*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/rpcwithcert*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/autodiscover*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/powershell*" { persist uie [IP::client_addr] ; pool CAS-80; return } } if { ([HTTP::uri] equals "/")} { HTTP::uri /owa[HTTP::uri] set cookie 1 pool CAS-80 } }
  • edited February 2014
    Posted by brunov

    I will be running this is 2.4.3, but if you are running in 2.6.1 you also won't need the "set cookie 1" commands.

    I'm still not a 100% on the owa requirement.

    Code:

     if { ([HTTP::uri] equals "/")} { HTTP::uri /owa[HTTP::uri]}




    will take

    www.host.com and make it www.host.com/owa

    Code:

    if { not([HTTP::uri] starts_with "/owa")} { HTTP::uri /owa[HTTP::uri]}


    will do the same, but also take

    www.host.com/login and make it www.host.com/owa/login

    I haven't tested enough to fully understand if that is really necessary.

    Thanks for the feedback.
Sign In or Register to comment.