Forum Discussion

Ganno_161963's avatar
Icon for Nimbostratus rankNimbostratus
Jun 16, 2015

Connection Reset on Website Logout - Firefox Only

I have a Java cookie persistence iRule that looks like this:




Check if JSESSIONID exists

if { [HTTP::cookie exists "JSESSIONID"] } {


JSESSIONID found in the request we capture the first 32 characters

set jsess_id [string range [HTTP::cookie "JSESSIONID"] 0 31] persist uie $jsess_id


Check if JSESSIONID exists in the uie persist table

set p [persist lookup uie $jsess_id all] if { $p ne "" } {


JSESSIONID found in the persist table

log "JSESSIONID = \"$jsess_id\" found in persistency-table ([lindex $p 0] [lindex $p 1])" } else {


unknown JSESSIONID (could be a fake JSESSIONID inserted by a bad end-user or a user inactive for 30 minutes)

log local0. "JSESSIONID = \"$jsess_id\" not found in persistency-table" }


} else {


JSESSIONID not found in the request (could be a new client)

log local0. "No JSESSIONID cookie" } }


when HTTP_RESPONSE { if { [HTTP::cookie exists "JSESSIONID"] } { set jsess_cookie [HTTP::cookie "JSESSIONID"] persist add uie $jsess_cookie 3600 log local0. "Add persist entry for JSESSIONID \"$jsess_cookie\"" } }


This is working fine within Chrome but when users hit the "Logout" button on the website within Firefox, they are presented with a Connection Reset page. I am seeing aborts on the HTTP_RESPONSE portion of the iRule and the only error in the log is this:


Jun 16 09:29:29 slb8a err tmm3[9259]: 01220001:3: TCL error: - attempt to use empty persistence key (line 3) invoked from within "persist add uie $jsess_cookie 3600"


Any help is greatly appreciated.


3 Replies

  • that log most certainly is the cause a TCL error causes a TCP reset.


    apparently the $jsess_cookie value is empty for that session.


    further it is difficult to say as the irule got messed up, could you perhaps to repost it, perhaps on paste bin or such?


  • Thanks for the reply boneyard. We found the issue and the solution is outlined in this post:



    We asked the website programmer to see if he could simply send a null value in JSESSIONID cookie and he stated "" is interpreted as null from the application side. The only issue with the F5 logic is it takes "" as an actual value and then attempting to persist off of it. The new iRule in the above post fixed it though.


    • boneyard's avatar
      Icon for MVP rankMVP
      ah great you worked it out and thanks for explaining how.