Description
What question do you have?:
We have a conflict of endpoint "/ui" with two Frontend(one is owned by us, other is 2pp) application under same FDQN. So, we decided use pathRewritePolicy for our frontend application without any effort on application. If cookie contain token then update endpoint with pathRewritePolicy, else send request with no endpoint change to service for authentication if header cookie doesn't contain token.
apiVersion: projectcontour.io/v1
kind: HTTPProxy
metadata:
name: name-example-foo
spec:
virtualhost:
fqdn: foo.bar.com
routes:
- conditions:
- prefix: /ui
services:
- name: 2pp-frontend
port: 80
- conditions:
- prefix: /our-app
- header:
name: cookie
contains: token
pathRewritePolicy:
replacePrefix:
- prefix: /our-app
replacement: /
services:
- name: our-frontend
port: 80
- conditions:
- prefix: /our-app
- header:
name: cookie
notcontains: token
services:
- name: our-frontend
port: 80Flow we need of request to be happen:
- On new request http://foo.bar.com/our-app/ui
- Ingress validate and redirect to Authentication:
a. Request check from Ingress second route will fail, and pass the third route.
b. Application redirect to authentication with callback url as http://foo.bar.com/our-app/ui - Callback after authentication Ingress validate again.
a. Now, request will pass in second route condition(cookie contain token) and replace prefix then forward the request to application with http://foo.bar.com/ui
But flow actually happenning:
From above flow step 1 and step 2 working fine. But after authentication, callback url validate and replace prefix. Now updated request, re-evaluated at ingress and pass through first route condition, forwarding to 2pp-frontend.
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
- Contour version:
- Kubernetes version: (use
kubectl version): - Kubernetes installer & version:
- Cloud provider or hardware configuration:
- OS (e.g. from
/etc/os-release):