Forum Discussion
mahnsc
Nimbostratus
NimbostratusJSESSIONID's with null or empty values
Hi everyone. I'm using the jsessionid irules from this post. The only thing I've modified are the inactivity timeout periods (and disabled logging).
The rule has worked fine for me in all previou...
mahnscNimbostratus
NimbostratusOK. Let me correct myself here. I have 1 app server down right now. User clicks Signout, they get the error. I've also tried using an older jsessiondid persistence rule for testing as well:
when HTTP_REQUEST {
if { [HTTP::cookie exists "JSESSIONID"] } {
persist uie [HTTP::cookie "JSESSIONID"] 1800
} else {
set jsess [findstr [HTTP::uri] "JSESSIONID" 11 ";"]
if { $jsess != "" } {
persist uie $jsess 1800
}
}
}
when HTTP_RESPONSE {
if { [HTTP::cookie exists "JSESSIONID"] } {
persist add uie [HTTP::cookie "JSESSIONID"] 1800
}
}
This rule also fails. Someone who is much smarter than me in this area provided the following updates, which works for what we need it to do:
when HTTP_REQUEST {
if { [HTTP::cookie exists "JSESSIONID"] } {
set jsess [HTTP::cookie "JSESSIONID"]
if { $jsess != "" } {
persist uie $jsess 2700
}
} else {
set jsess [findstr [HTTP::uri] "JSESSIONID" 11 ";"]
if { $jsess != "" } {
persist uie $jsess 2700
}
}
}
when HTTP_RESPONSE {
if { [HTTP::cookie exists "JSESSIONID"] } {
set jsess [HTTP::cookie "JSESSIONID"]
if { $jsess != "" } {
persist uie $jsess 2700
}
}
}
Aaron, if you still have the time, can you help me understand what these changes are doing? I thought I understood but I guess I haven't fully grokked it.