Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SteelApp HTTP Monitor and 302 vs 200 OK

SOLVED
Go to solution
ryan.jensen
Occasional Contributor
‎09-11-2014 09:28:AM
‎09-11-2014 09:28:AM

SteelApp HTTP Monitor and 302 vs 200 OK

Hello!

I'm trying to setup an http monitor to monitor our Cyberark servers.

The URL is https://<servername>.<domain>/PasswordVault/login.aspx

When I go to the URL in my browser, I get redirected to: /PasswordVault/logon.aspx?ReturnUrl=%2fPasswordVault%2fdefault.aspx

If I go to https://<servername>.<domain>/PasswordVault/default.aspx in my browser I get redirected to the same above URL

In my Monitor, I put the /PasswordVault/logon.aspx?ReturnUrl=%2fPasswordVault%2fdefault.aspx in the path, thinking I'd avoid any redirects and get an actual 200 OK return code. Not the case. According to STM, it's receiving a 302 no matter what URL I go to.

I've done a trace on my local machine with Fiddler and Chrome's built in dev tools and my PC is seeing HTTP 200 OK messages.

The reason this is an issue is because last night, the primary server went down, the APP wasn't loading the login page, but for somereasoon STM was still seeing a 302, i'm assuming that's from IIS on the server.

Anyone experienced anything similar with HTTP monitors and how did you get around it?

I'm running STM 9.6r1.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
dnahas
Contributor
‎09-19-2014 08:29:AM
‎09-19-2014 08:29:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Looks like the connection is being redirected to "/PasswordVault/auth/ldap", Is the path in the monitor "/PasswordVault/auth/ldap"?

View solution in original post

0 Kudos
7 REPLIES 7
jochenmaurer
Contributor
‎09-12-2014 05:12:AM
‎09-12-2014 05:12:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

we did have a similiar problem, because the server is sending a different answer depending on user-agent value.

so testing with a real browser is different.

could you do a "curl" to that url and see whats coming back?

0 Kudos
ryan.jensen
Occasional Contributor
‎09-12-2014 05:58:AM
‎09-12-2014 05:58:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Hello, Thanks for the reply…

I did this and here’s what I got:

curl -k https://

.

/PasswordVault/logon.aspx?ReturnUrl=%2fPasswordVault%2fdefault.aspx

Object moved to here .


[email protected]:~# curl -k https://

.

/PasswordVault/auth/ldap

h1. Object Moved
This document may be found [here | https://

.

/PasswordVault/auth/ldap/]

0 Kudos
dnahas
Contributor
‎09-16-2014 07:10:AM
‎09-16-2014 07:10:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Does your application require specific a host header?

Have you tried setting the  host_header:    value in the monitor config?

0 Kudos
ryan.jensen
Occasional Contributor
‎09-16-2014 07:12:AM
‎09-16-2014 07:12:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Hi!

It doesn’t require a specific header as far as I know, but I did put the hostname (the same as on the SSL Cert) into the hostname field.

0 Kudos
dnahas
Contributor
‎09-16-2014 07:20:AM
‎09-16-2014 07:20:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Can you set the monitor  verbose:  to yes and post the output?

0 Kudos
ryan.jensen
Occasional Contributor
‎09-18-2014 06:47:PM
‎09-18-2014 06:47:PM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

18/Sep/2014:21:44:45 -0400

INFO

Succeeded

18/Sep/2014:21:44:45 -0400

INFO

Response data&colon; HTTP/1.1 302 Found

18/Sep/2014:21:44:45 -0400

INFO

Cache-Control: no-cache, no-store, must-revalidate

18/Sep/2014:21:44:45 -0400

INFO

Pragma: no-cache

18/Sep/2014:21:44:45 -0400

INFO

Content-Type: text/html; charset=utf-8

18/Sep/2014:21:44:45 -0400

INFO

Expires: -1

18/Sep/2014:21:44:45 -0400

INFO

Location: /PasswordVault/auth/ldap

18/Sep/2014:21:44:45 -0400

INFO

Server: Microsoft-IIS/7.5

18/Sep/2014:21:44:45 -0400

INFO

X-Frame-Options: SAMEORIGIN

18/Sep/2014:21:44:45 -0400

INFO

Set-Cookie: CA22222=; path=/PasswordVault/; HttpOnly

18/Sep/2014:21:44:45 -0400

INFO

Set-Cookie: CA11111=; path=/PasswordVault/; HttpOnly

18/Sep/2014:21:44:45 -0400

INFO

Set-Cookie: CA33333=; path=/PasswordVault/; HttpOnly

18/Sep/2014:21:44:45 -0400

INFO

Set-Cookie: mobileState=Desktop; path=/PasswordVault/; HttpOnly

18/Sep/2014:21:44:45 -0400

INFO

Set-Cookie: ASP.NET_SessionId=a041mi45nipato555fxh2f45; path=/; HttpOnly

18/Sep/2014:21:44:45 -0400

INFO

X-UA-Compatible: IE=EmulateIE8

18/Sep/2014:21:44:45 -0400

INFO

Date: Fri, 19 Sep 2014 01:44:45 GMT

18/Sep/2014:21:44:45 -0400

INFO

Connection: close

18/Sep/2014:21:44:45 -0400

INFO

Content-Length: 147

18/Sep/2014:21:44:45 -0400

INFO

18/Sep/2014:21:44:45 -0400

INFO

18/Sep/2014:21:44:45 -0400

INFO

Object moved to here .

18/Sep/2014:21:44:45 -0400

INFO

</body></html>

18/Sep/2014:21:44:45 -0400

INFO

Writing request

18/Sep/2014:21:44:45 -0400

INFO

Writing request

18/Sep/2014:21:44:45 -0400

INFO

Connecting

0 Kudos
dnahas
Contributor
‎09-19-2014 08:29:AM
‎09-19-2014 08:29:AM

Re: SteelApp HTTP Monitor and 302 vs 200 OK

Looks like the connection is being redirected to "/PasswordVault/auth/ldap", Is the path in the monitor "/PasswordVault/auth/ldap"?

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.