PingAccess

Rewrite rules overview

PingAccess allows for the manipulation of the Request URI, the cookie domain, the cookie path, three of the response headers (Location, Content-Location, and URI), and the response content.

For example, a site is hosted on https://server1.internalsite.com under /content/. Users access the site through the following Uniform Resource Locator (URL) in their browser: https://server1.internalsite.com/content/

For demonstration purposes, assume this results in a 302 Redirect to an importantContent.html page as well as setting a domain cookie for .internalsite.com. If you protect this site with PingAccess using the virtual host publicsite.com under the application /importantstuff/, you must rewrite the content. The information below discusses an example scenario.

This conceptual overview assumes that a virtual host, a site, and an application are already configured.

Create a Rewrite Content Rule

A rewrite content rule alters content in the HTTP response body.

  • In the Response Content-Types field, you define a response type of text/html.

  • In the Find and Replace criteria, you specify <a href="https://server1.internalsite.com/content/"> and <a href="https://publicsite.com/importantstuff/">.

  • Add the rule to the application. A query to a page with links in it that points to https://server1.internalsite.com/content/ now points to https://publicsite.com/importantstuff/.

A rewrite cookie domain rule allows the rewriting of the Domain field on cookies when they are set by the backend site.

  • In the server-facing cookie domain, you enter internalsite.com.

  • In the public-facing cookie domain, you enter publicsite.com.

  • Add the rule to the application.

    Cookies associated with the domain publicsite.com, or .publicsite.com, are rewritten to pertain to internalsite.com, or .internalsite.com.

A rewrite cookie path rule converts the cookie path returned by the site into a public-facing path.

  • In the Server-Facing Cookie Path field, you enter /content/.

  • In the Public-Facing Cookie Path field, you enter /importantstuff/.

  • Add the rule to the application.

    Cookies associated with a cookie path of /content/ are rewritten to pertain to /importantstuff/. After configuring the rewrite rules as discussed above, a user could access the https://publicsite.com/importantstuff/ and PingAccess would route that request to https://server1.internalsite.com/content/.

    If the site sends a redirect to https://server1.internalsite.com/content/index.html, PingAccess would return a redirect to https://publicsite.com/importantstuff/index.html. If the site then returned a cookie with a domain of .internalsite.com and a path of /content/, PingAccess would rewrite that cookie to be relevant to .publicsite.com and /importantstuff/.

Create a Rewrite Response Header Rule

A rewrite response header rule alters the response header used in the 302 Redirect.

  • In the Server-Facing URI field, you enter https://server1.internalsite.com/content/.

  • In the Public Path field, you enter /importantstuff/.

  • Add the rule to the application. A query resulting in a response containing a 302 Redirect to https://server1.internalsite.com/content/ is rewritten to https://publicsite.com/importantstuff/.

    This also works for relative redirects: /content/ is rewritten to /importantstuff/. It also works for the path beneath the one defined in the URI: /content/news/index.html is rewritten to importantstuff/news/index.htm.

Create a Rewrite URL Rule

A rewrite URL rule alters the request Uniform Resource Identifier (URI).

  • In the Map From field, you enter ^/importantstuff/(.*) as the regex of the URL’s path and query you want to match.

  • In the Map To field, you enter /content/$1.

  • Add the rule to the application. A query to https://publicsite.com/importantstuff/ results in PingAccess routing that query to https://server1.internalsite.com/content/.