Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Chris_Miller's avatar
Chris_Miller
Icon for Altostratus rankAltostratus
Feb 21, 2011

Default Cookie Name Behavior

I'm load balancing an application behind IBM's WebSEAL product. A User authenticates via WebSEAL which then sends the traffic to the application VIP. According to the link below, WebSEAL adds a prefix...
config
design
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Feb 21, 2011
Hi Chris,

LTM will ignore cookies which it doesn't recognize. You could rewrite it with an iRule. Is it in requests or responses that the cookie name needs to be rewritten? It would be easier to rewrite the request as the cookie doesn't have any properties to preserve in requests (it's just a name=value pair): 


 http://devcentral.f5.com/wiki/default.aspx/iRules/http__cookie
 Rename a cookie by inserting a new cookie name with the same value as the original.  Then remove the old cookie.
when HTTP_REQUEST {

    Check if old cookie exists in request
   if { [HTTP::cookie exists "old-cookie-name"] } {

       Insert a new cookie with the new name and old cookie's value
      HTTP::cookie insert name "new-cookie-name" value [HTTP::cookie value "old-cookie-name"]

       Remove the old cookie
      HTTP::cookie remove "old-cookie-name" 
   }
}

Aaron