Options
exchange 2010 aflex
![[Deleted User]](https://w2.vanillicon.com/v2/2e87888bd9b51a94a6457c8f7f609a9c.svg)
in aFleX
Posted by brunov
I would like to use a single virtual ip address for exchange access and still be able to use cookie persistence for owa and ews, rewrite the owa uri, and be able to split my services later by sending them to different service groups. Do you see any issues with the following aflex?
Code:
when HTTP_RESPONSE {
if { not($cookie == 1) } {
persist add uie [IP::client_addr] 1800
}
}
this aflex is assigned to a virtual doing SSL termination with cookie persistence.
I would like to use a single virtual ip address for exchange access and still be able to use cookie persistence for owa and ews, rewrite the owa uri, and be able to split my services later by sending them to different service groups. Do you see any issues with the following aflex?
Code:
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/ews*" { set cookie 1 ; pool CAS-80 ; return }
"/rpc*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/microsoft-server-activesync*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/owa*" { set cookie 1 ; pool CAS-80 ; return }
"/oab*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/public*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/rpcwithcert*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/autodiscover*" { persist uie [IP::client_addr] ; pool CAS-80 ; return }
"/powershell*" { persist uie [IP::client_addr] ; pool CAS-80; return }
}
if { not([HTTP::uri] starts_with "/owa")} {
HTTP::uri /owa[HTTP::uri]
set cookie 1
pool CAS-80
}
}when HTTP_RESPONSE {
if { not($cookie == 1) } {
persist add uie [IP::client_addr] 1800
}
}
this aflex is assigned to a virtual doing SSL termination with cookie persistence.
0
Comments
Hi Bruno,
I tested your aFleX quick.
Works pretty well
I've just changed a couple of things:
. Since 2.6.1, you don't need to do the "persist add uie" in the response side. If in the request side you hit a "persist uie" and there is no entry, aFleX will automatically create the entry for you in the response.
. I think you want to add "owa" only if the request is "/"
Here is the aFleX I tested:
Code:
when HTTP_REQUEST { switch -glob [string tolower [HTTP::uri]] { "/ews*" { set cookie 1 ; pool CAS-80 ; return } "/rpc*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/microsoft-server-activesync*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/owa*" { set cookie 1 ; pool CAS-80 ; return } "/oab*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/public*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/rpcwithcert*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/autodiscover*" { persist uie [IP::client_addr] ; pool CAS-80 ; return } "/powershell*" { persist uie [IP::client_addr] ; pool CAS-80; return } } if { ([HTTP::uri] equals "/")} { HTTP::uri /owa[HTTP::uri] set cookie 1 pool CAS-80 } }I will be running this is 2.4.3, but if you are running in 2.6.1 you also won't need the "set cookie 1" commands.
I'm still not a 100% on the owa requirement.
Code:
if { ([HTTP::uri] equals "/")} { HTTP::uri /owa[HTTP::uri]}will take
www.host.com and make it www.host.com/owa
Code:
if { not([HTTP::uri] starts_with "/owa")} { HTTP::uri /owa[HTTP::uri]}will do the same, but also take
www.host.com/login and make it www.host.com/owa/login
I haven't tested enough to fully understand if that is really necessary.
Thanks for the feedback.