Forum Discussion
mahnsc
Nimbostratus
NimbostratusJSESSIONID's with null or empty values
Hi everyone. I'm using the jsessionid irules from this post. The only thing I've modified are the inactivity timeout periods (and disabled logging).
The rule has worked fine for me in all previou...
hooleylist
Cirrostratus
CirrostratusHi Chris,
I've updated your second example to streamline it a bit and add comments. The reason this approach works for null cookie values is that HTTP::cookie value "cookie_name" will return nothing if the cookie is not present or has a null value.
when HTTP_REQUEST {
Check if the JSESSIONID cookie is present in the request and has a non-null value
if { [HTTP::cookie "JSESSIONID"] ne "" }{
Persist on the JSESSIONID cookie value for X seconds
persist uie [HTTP::cookie "JSESSIONID"] 2700
} else {
Cookie wasn't set or didn't have a value, so check for the session ID in the URI
set jsess [findstr [HTTP::uri] "JSESSIONID" 11 ";"]
if { $jsess != "" } {
Persist on the JSESSIONID URI value for X seconds
persist uie $jsess 2700
}
}
}
when HTTP_RESPONSE {
Check if the JSESSIONID cookie is present in the response and has a non-null value
if { [HTTP::cookie "JSESSIONID"] ne "" }{
Persist on the JSESSIONID cookie value for X seconds
persist add uie [HTTP::cookie "JSESSIONID"] 2700
}
}Aaron