Layer 7 API Management

Expand all | Collapse all

How to handle redirects in Layer 7?

  • 1.  How to handle redirects in Layer 7?

    Posted 10-27-2015 05:29 AM

    So,

     

    My Use Cases:

     

    I am proxy-ing some 3rd party service via layer 7.

    I am invoking that 3rd party service via layer 7, that service redirects me to another location, i think one or two re-directions are happening in-consistently.

     

    I tried the follow-redirect option in Route via HTTP.But it is not working.


    Questions:


    1. How can i resolve this problem?

    2. Is there any configuration option to follow-redirects?

    3. Do need to manually handle the redirects?



  • 2.  Re: How to handle redirects in Layer 7?

    Posted 10-28-2015 10:26 AM

    No One Faces this Issue ?

    Is that so?



  • 3.  Re: How to handle redirects in Layer 7?

    Posted 10-28-2015 11:04 AM

    We handle this in our policies by intercepting the ${response.http.status} code, when it's 301/302, and rewriting the Location header with the correct host - usually something like ${request.url.host}. You can manipulate the Location header value using a regex (copy to temp context variable, manipulate as needed) and then apply by using the Manage Transport Properties/Header assertion to setting the Location header to the value in the temp context variable.



  • 4.  Re: How to handle redirects in Layer 7?

    Posted 10-28-2015 11:56 AM

    Hi,

     

    I want the layer 7 automatically check the response status code is either 301/302, if it is, then get the location url from the header and invoke it once again to get the response, and sent that response back to the client.

     

    "I want the above this to be done automatically"

    I saw an option named "Follow Redirects", but it is not following the redirects.

    I am manually checking for the status code and invoke the location url.



  • 5.  Re: How to handle redirects in Layer 7?

    Posted 10-28-2015 10:55 PM

    You still haven't shown us anything in regards to Policy or what you are receiving from the backend?....

     

    I have set up a Test Case.

     

    I have Service1, Service2, and Service3

     

    Service1 contains the following Route statement. ( Routes to Service2 w/ redirect option checked )

    Service1Routing.png

     

    Service2 Adds the Location header and Returns a 302 HTTP Status Code.

    Service2HeaderAdd.png

     

    Service2ReturnTemplate.png

     

    Service3 Returns a 200 and a Success Message.

    Service3ReturnSuccess.png

     

    Here is me calling Service1, which called service2 and got a 302 redirect to service3.

    curlCommand.png

     

    Just for kicks and giggles, lets have another redirect in there. ( service3 will direct to Service4 ).

     

    this worked too.

    service4Success.png

     

    This led me searching for common problems people face when redirects aren't happening as they would expect.

     

    i came across Redirects failing when the HTTP Method of 'POST' was used.

     

    i verified this with my test above, POST didn't work. I got it to work by modifying Service1's route to Explictly use a 'GET' method instead of Automatic.

     

    So, i dug a little further and saw that the HTTP Spec doesn't consider POST methods 'Safe' for obvious reasons and doesn't require the user-agent to automatically follow redirects in situations of 'unsafeness' without letting the user know. Since we aren't in a web browser, we just don't follow them.

     

    This makes sense, as i don't want to be posting credit card information to one url and it getting redirected somewhere else...

     

    Was this what you were encountering?



  • 6.  Re: How to handle redirects in Layer 7?

    Posted 04-04-2016 02:28 AM

    Thanks Doyle,

    Very good example.

    I done more tests base on your example, and found some interesting results,

    1. in service1, set the HTTP method of Route via HTTP assertion from <Automatic> to GET, the redirection will be successful no matter what method is specified for curl.

    2. set 'Pass through only certain request/response headers' of Route via HTTP assertion (not include Location header), the redirection will fail for curl. (ie. block Location header either on request or response)

     

    It's quite different if I use a REST client plugin of firefox to call service1,

    3. the redirection will be successful even when I set the HTTP method as POST.

    4. the redirection only fail when I set both 'Pass through only certain request headers' and 'Pass through only certain response headers' and all exclude Location header.

     

    Regards,

    Mark



  • 7.  Re: How to handle redirects in Layer 7?

    Posted 10-28-2015 11:23 AM

    What are you seeing ? Is the redirected url not being hit?