Forum Discussion
Eric_Waite_1046
Nimbostratus
Nimbostratusjsessionid uri vs. cookie
I am using the following rule to persist via jsessionId.
when CLIENT_ACCEPTED {
set add_persist 1
}
when HTTP_RESPONSE {
if { [HTTP::cookie exists "JID"] and $add_persist } {
persist add uie [HTTP::cookie "JID"]
set add_persist 0
}
}
when HTTP_REQUEST {
if { [HTTP::cookie exists "JID"] } {
persist uie [HTTP::cookie "JID"]
} else {
set jsess [findstr [HTTP::uri] "jsessionid" 11 "?"]
if { $jsess != "" } {
persist uie $jsess
}
}
}
But my application passes sessionId in the URI with every request so the following should work, with no response.
when HTTP_REQUEST {
set jsess [findstr [HTTP::uri] "jsessionid" 11 "?"]
if { $jsess != "" } {
persist uie $jsess
}
}
This works, if the browser set to block cookies. If it allows cookies the persistence fails? Does BIG-IP look for the cookie, if cookies are enables? Or Am I missing something here. I would love to eliminate cookies 100 percent and just pull from the URI.
Any help would be appreciated.
Eric
- There's no reason that this rule:
when HTTP_REQUEST { set jsess [findstr [HTTP::uri] "jsessionid" 11 "?"] if { $jsess != "" } { persist uie $jsess } }
would be looking for cookies. Is that the version you're using?
Colin - In order for jsessionid persistence to work, you need to find the jsessionid in the first response and add a persistence record for it. The only challenge to not using cookies is looking/parsing for the persist key in the first responses body from the server. Cookies are easy since they are headers and we have commands to access them directly. You will need to collect the response and parse it for the jsessionid, so you can add the initial key to the table.
Mohamed_LrhaziAltocumulus
Yes! No one seems to mention this key fact... even this solution document... erroneously suggests you dont need to find the actually session ID in the first response: http://support.f5.com/kb/en-us/solutions/public/7000/300/sol7392.html
