Forum Discussion
justjonathan_15
Nimbostratus
Apr 22, 2016Checking Persistence iRule
Hi all, We were supplied an iRule to use for a Java based application which gives out a session ID. Since deploying our F5's to this application, we have noticed strange activity with user se...
IanB
Employee
Apr 22, 2016I suggest you uncomment the three log lines that are currently commented out, and see if that shines any light on what's going on.
There are two paths through that code that will end up persisting on SSL session ID, which is a disaster waiting to happen, since the SSL session ID can change as often as every few minutes, depending on the client.
You really should be persisting on something that is expected to remain static, like a session ID that the server passes back to the client as an HTTP cookie
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects