For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Girish_HS_32793's avatar
Girish_HS_32793
Icon for Nimbostratus rankNimbostratus
Feb 22, 2010

Cookie-Hash not working

Hi Team,

 

I am not sure if I need to post this "Help Request" here but I would really be very happy if someone could help me with what I am going through.

 

 

1. we have one IP resolving to 2 DNS, mvstg.nbcuni.com and secureaccessstaging.nbcumv.com

 

2. User access http://mvstg.nbcuni.com

 

3. Clicking on the login button on the http://mvstg.nbcuni.com page gives the user a pop-up page which is https://secureaccessstaging.nbcumv.com.

 

 

 

Issue noticed: On Step 3 when the user clicks the Login button on http://mvstg.nbcuni.com, a Pop-UP page loads https://secureaccessstaging.nbcumv.com page, but rather than giving the user a login page it loads the content of mvstg.nbcuni.com.

 

When the user closes the popup page and hits the Login button the second time he gets the login page.

 

application delivery
dev
devops
iRules

1 Reply

  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Feb 22, 2010
    Hi Girish,

     

     

    Can you clarify what you think the problem is? Do you think the issue is a result of a persistence failure?

     

     

    Browsers will not send a cookie set by one domain to a different domain. This is a security feature built into all browsers. As the two hostnames are on different domains you cannot expect the client to receive a cookie from *.nbcuni.com and then send it on a request to *.nbcumv.com.

     

     

    To test whether this is a persistence issue, can you change to source address persistence or disable all but one member in the pool?

     

     

    Thanks,

     

    Aaron