For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Eric_Waite_1046's avatar
Eric_Waite_1046
Icon for Nimbostratus rankNimbostratus
Oct 06, 2006

jsessionid uri vs. cookie

I am using the following rule to persist via jsessionId.     when CLIENT_ACCEPTED {   set add_persist 1   }   when HTTP_RESPONSE {   if { [HTTP::cookie exists "JID"] and $add_pe...
application delivery
dev
devops
iRules
unRuleY_95363's avatar
unRuleY_95363
Historic F5 Account
Oct 19, 2006
In order for jsessionid persistence to work, you need to find the jsessionid in the first response and add a persistence record for it. The only challenge to not using cookies is looking/parsing for the persist key in the first responses body from the server. Cookies are easy since they are headers and we have commands to access them directly. You will need to collect the response and parse it for the jsessionid, so you can add the initial key to the table.
Mohamed_Lrhazi's avatar
Mohamed_Lrhazi
Icon for Altocumulus rankAltocumulus
Sep 23, 2014
Yes! No one seems to mention this key fact... even this solution document... erroneously suggests you dont need to find the actually session ID in the first response: http://support.f5.com/kb/en-us/solutions/public/7000/300/sol7392.html