Jump to content


Photo

rewrite policy different internal host

Started by Nitiphan Pensiri , 11 August 2017 - 07:46 PM
6 replies to this topic

Nitiphan Pensiri Members

Nitiphan Pensiri
  • 5 posts

Posted 11 August 2017 - 07:46 PM

Hi,

I have plan to move our HTTP service to new environment. we require to support users coming through old URL. We are not need user to change the URL on the client browser, when users come through old URL.

 

Example;

 



Nitiphan Pensiri Members

Nitiphan Pensiri
  • 5 posts

Posted 12 August 2017 - 02:36 AM

Now, I config rewrite policy as below step

 

1.rewrite policy hostname from abc.co.th to abc.local  (

2.rewrite policy url 

3.rewrite pollicy hostname from abc.co.th to xyz.local

4.rewrite policy url

 

I think it not work because 1 and 3 it different host

 

Please advice me,how to config rewrite policy for this issue



Dhaval Yogesh Thaker Citrix Employees

Dhaval Yogesh Thaker
  • 2 posts

Posted 12 August 2017 - 12:55 PM

I think the configuration template to follow should be as per below article:

 

https://support.citr...ticle/CTX119755

 

The key thing in this case would be to trigger the policy when both the host and URL matches the request as in your situation 1 and 3 needs to be changed into a different host.

 

add rewrite action host1 replace "HTTP.REQ.HEADER(\"Host\")" "\"abc.local\""
 
add rewrite action url1 replace HTTP.REQ.URL.PATH_AND_QUERY "\"/api/service/viewcustomer\""
 
add rewrite policy pol1 "HTTP.REQ.HOSTNAME.EQ(\"abc.co.th\") && HTTP.REQ.URL.PATH.EQ(\"/api/centerservice/viewcustomer\")" host1
add rewrite policy pol2 "HTTP.REQ.HOSTNAME.EQ(\"abc.co.th\") && HTTP.REQ.URL.PATH.EQ(\"/api/centerservice/viewcustomer\")" url1
 

 

similarly, rewrite can be done for other host/url.

So, in all, you will need to bind 4 policies for the 2 host and url replacement.

 

Let me know if this works.



Rhonda Rowland Members

Rhonda Rowland
  • 214 posts

Posted 12 August 2017 - 04:55 PM

You'd probably be better off with a URL Transform to rewrite the host and paths; it would also allow you to rewrite any links returned in the body content.

 

If you want users to get to the new URL instead, you can also use Responder policies to redirect them (but your description above sounds like URL Transform).

 

The trick with URL Transform is that it can do more complicated rewrites, but you need a good understanding of your patterns and the ability to work with RegEx.  This recent thread is a similar situation:  https://discussions.citrix.com/topic/388909-url-transform-to-another-url-but-keep-orginial/

 

Are these the only two rewrites you need are do you have a much larger list of patterns?

Is it only for a single url going from "abc.co.th" to "abc.local", or do you have multiple FQDNs:  "def.co.th" to "def.local", "xyz.co.th" to "xyz.local".  

 

And are these the only two patterns you need to rewrite viewcustomer and viewsale (or does the app have a lot more)?  

Two transformation rules should handle it, but if there are a lot more patterns, then a better regex might be required. 

 

I did the example for ViewCustomer based on the idea that you might be rewriting abc.co.th to abc.local and other variants (def.co.th to def.local).  If you clarify your exact needs, we can probably revise the expressions to be more appropriate to your exact scenario.

 

NOTE in the below examples, I converted https:// to h..ps:// just to avoid the post having to go through approval first.  Replace the h..ps:// with https:// before trying to configure in the GUI.  

 

But a basic example for ViewCustomer (with abc, def, or others):

  • REQ URL FROM: h..ps://([^\.]*)[.]co[.]th/api/centerservice/viewcustomer(.*)
  • REQ URL TO:  h..ps://$1.local/api/service/viewcustomer$2
  • RES URL From:  h..ps://([^\.]*)[.]local/api/service/viewcustomer(.*)
  • RES URL TO:  h..ps://$1.co.th/api/centerservice/viewcustomer$2
  • And don't forget to rewrite the Cookie domain.

ViewSale:  

For this one, you said abc going to xyz in the example, so I did that below.

If not, it would look like the previous one. You may have to adjust both for your patterns.

  • REQ URL FROM: h..ps://abc[.]co[.]th/api/centersale/viewsale(.*)
  • REQ URL TO:  h..ps://xyz.local/api/sale/viewsale$1
  • RES URL From:  h..ps://xyz[.]local/api/sale/viewservice(.*)
  • RES URL TO:  h..ps://abc.co.th/api/centersale/viewsale$1
  • And don't forget to rewrite the Cookie domain.


Nitiphan Pensiri Members

Nitiphan Pensiri
  • 5 posts

Posted 13 August 2017 - 10:56 AM

Hi Rhonda Rowland,

 

       Netscaler can config rewrite policy or URL Transformation  from full url to another full url?

 

current URL:  https://abc.co.th/api/centerservice/viewcustomer

new URL:  http://abc.local/api/service/viewcustomer

and 

current URL:  https://abc.co.th/api/centersale/viewsale

new URL:  http://xyz.local/api/sale/viewsale



Nitiphan Pensiri Members

Nitiphan Pensiri
  • 5 posts

Posted 13 August 2017 - 10:58 AM

Hi Rhonda Rowland,

 

       Netscaler can config rewrite policy or URL Transformation from full url to another full url?



Rhonda Rowland Members

Rhonda Rowland
  • 214 posts

Posted 13 August 2017 - 04:42 PM

URL Transformation allows for complicated rewrite actions using one or multiple regex patterns.

 

You still have to have the load balancing setup to receive traffic client-side and direct it to the correct destinations server-side.

URL Transformation can then be specified with the Request-time rewrite and the Response-time rewrite.

 

The Request-time rewrite, rewrites/transforms the actual URL in the request.  You identify the client-side/public pattern in the Request URL From field and then indicate the rewrite to perform in the Request URL into field (which is the server side/actual URL pattern).  

 

The Response-time rewrite, actually rewrites/transforms any links in the body content from the original server format back into the public format that you need client-side.

 

In general, if you transform the host header URL's domain, you will also need to rewrite cookies from the server domain back into the public domain as well, so the cookies will be valid client side.

 

Rewriting the URL doesn't change where the content goes; that's the job of the LB vserver's services.

 

This example needs to use a combination of URL Transform and additional header rewrites:  https://blogs.serioustek.net/post/2015/05/05/netscaler-url-transform-aspx