Forum Discussion

jkrumb_106236's avatar
jkrumb_106236
Icon for Nimbostratus rankNimbostratus
Dec 02, 2010

iRule attached to SSL virtual server (get cookie contents fails)

Hello all,

 

 

I am new to the forum and a newbie regarding iRule programming. I have configured a virtual server listening on TCP port 443 and attached an HTTP profile as well as an iRule. Trying to implement persistence using ASP.NET session ID

 

I currently can't read the contents of the ASP.NET session cookie during the HTTP_RESPONSE event. Am I doing something completely wrong or am I missing somethin.

 

 

Here's my HTTP_RESPONSE trigger:

 

 

 

when HTTP_RESPONSE {

 

set sessionID ""

 

set persistTo ""

 

 

set sessionCookieName [findstr [HTTP::cookie names] "ASP.NET_SessionId" 0 17]

 

set sessionID [HTTP::cookie "ASP.NET_SessionId"]

 

 

log local0. "sessionCookieName: $sessionCookieName"

 

log local0. "sessionID: $sessionID"

 

log local0. "IP server address: [IP::server_addr]"

 

 

if { $sessionID ne "" } {

 

set persistTo [session lookup uie $sessionID]

 

}

 

 

if { $persistTo equals "" } {

 

session add uie $sessionID [IP::server_addr] 4000

 

if {$::debug}{log local0. "added server entry $persistTo for aspsessionID $sessionID"}

 

} else {

 

if {$::debug}{log local0. "existing server entry $persistTo for aspsessionID $sessionID"}

 

}

 

}

 

 

 

Any help is welcome.

 

 

Bye

 

Joachim

 

 

application delivery
dev
devops
iRules
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Dec 02, 2010
    Hi Joachim,

    Is there a reason you don't/can't use cookie insert persistence? That would be simpler than keying off of the application's cookie.

    Do you have a client SSL profile added to the virtual server? In order for LTM to be able to decrypt the SSL, there must be a client SSL profile enabled on the virtual server.

    Also, if the cookie name is ASP.NET_SessionId, why are you looking for the cookie name in the list of response cookies? I think you've gotten this from the Codeshare example for ASP where the cookie name had a server token. This isn't necessary when the app's cookie name is static.

    If you do want to use the app's cookie you could use the first example in this Codeshare entry:

    http://devcentral.f5.com/wiki/default.aspx/iRules/ASP_SessionID_Persistence.html 

    when HTTP_REQUEST {

   Log debug messages to /var/log/ltm? (0=no, 1=yes)
  set debug 1

  set SessionId [HTTP::cookie ASP.NET_SessionId]
  if {$::debug}{log local0. "Client: [IP::client_addr]:[TCP::client_port]  Request SessionId: >$SessionId<"}
  if { $SessionId != "" } { persist uie $SessionId 1800 }
}
when LB_SELECTED {
  if {$debug}{log local0. "Client: [IP::client_addr]:[TCP::client_port]  LB to:  [LB::server addr]"}
}
when HTTP_RESPONSE {
  set SessionId [HTTP::cookie ASP.NET_SessionId]
  if {$debug}{log local0. "Client: [IP::client_addr]:[TCP::client_port]  Response SessionId: >$SessionId<"}
  if { $SessionId != "" }{ persist add uie $SessionId 1800 }
}

    Aaron