Cookie Rewrite & ASPSESSIONID Mk. II

what am I missing here?

if { [session lookup uie [findstr [HTTP::cookie names] "ASPSESSIONID" 12 20]] equals "" } {

Wouldn't this look for a session table entry keyed on the 20 char following the string "ASPSESSIONID" in the list of cookie names... which would be the name of another cookie (or cookies), if any were listed after ASPSESSIONID, rather than the expected ASPSESSIONID cookie value itself...?

 

 

If so, that could certainly work well most of the time, but result in persistence failure if the list of cookies returned by the server ever changed.

 

 

To just extract the cookie values directly, adjusting your code accordingly, something more along the lines of:

when HTTP_RESPONSE {
  set sessionID ""
  if { [HTTP::cookie exists "ASPSESSIONID"] } {
    set sessionID [HTTP::cookie ASPSESSIONID]
    set persistTo [session lookup uie $sessionID]
    if { $persistTo equals "" } {
      session add uie $sessionID [IP::server_addr] 1800
      log local0. "added server entry $persistTo for aspsessionID $sessionID"
    } else {
      log local0. "existing server entry $persistTo for aspsessionID $sessionID"
    }
  }
}
when HTTP_REQUEST {
  set sessionID ""
  if { [HTTP::cookie exists "ASPSESSIONID"] } {
    set sessionID [HTTP::cookie ASPSESSIONID]
    set persistTo [session lookup uie $sessionID]
    if { $persistTo equals "" } {
      pool [LB::server pool]
      log local0. "No aspsession ID, load balancing the connection..."
    } else {
      pool [LB::server pool] member $persistTo
      log local0. "aspsessionID $sessionID sent to $persistTo"
    }
  }
}

 

 

I also dug up a a somewhat simpler version using "persist" instead of "session" I helped implement a while back & added it to the codeshare ()

 

HTH

 

/deb