Forum Discussion
stephent_88282
Nimbostratus
Nimbostratusnewbie persistence question cookie and/or message body
I'm trying to persist based on a cookie value sent by one application client and for another client use a string that is in the post body: This is what I think will work. Am I close?
rule http_persist_rl {
when HTTP_REQUEST {
if { [HTTP::cookie exists "SessionId"] } {
if { [HTTP::cookie "SessionId"] != ""} {
LB::detach
persist uie [HTTP::cookie "SessionId"]
}
} else if {http_method == “POST” and findstr(http_content,”SessionId=”,10,’&’) != “”} {
LB:detach
Persist uie [findstr(http_content,”SessionId=”,10,’&’)]
}
}
when HTTP_RESPONSE {
if { [HTTP::cookie exists "SessionId"] } {
if { [HTTP::cookie "SessionId"] != "" } {
persist add uie [HTTP::cookie "SessionId"]
}
}
}
}
The cookie name is "SessionId" and the value is an alpha-numeric GUID. The same type of data is sent by another client as part of the request parameters in a POST. ...&SessionId=388292382hfgd223223923gf&...
Since the service behind the LB does not set or use cookies on the response unless the cookies are passed in what will happen for the case where there is no cookie on the Response? Will that cause no persistence for the POST case?
The client using POST has tried to add the SessionId cookie into the headers using Set-Cookie: and I can see it in the headers but there does not seem to be consistent (if any) persistence
stephent_88282After some more looking around I'm thinking this will get the job done. Not certain on all the syntax. Any suggestions would be welcome.rule http_persist_rl2 {
when HTTP_REQUEST {check for SessionId Cookieset session ""if { [HTTP::cookie exists "SessionId"] } {if { [HTTP::cookie "SessionId"] != ""} {set session [HTTP::cookie "SessionId"]}}check for Set-Cookie header with SessionIdelse if {[HTTP::header count "Set-cookie" ] > 0 } {set all_set_cookies [HTTP::header "Set-cookie" ]foreach one_set_cookie $all_set_cookies {if { $one_set_cookie contains "SessionId" } {set session [ findstr($one_set_cookie,"SessionId=",10,';') ]}}}check for SessionId in the body if the method is POSTelse if {http_method == "POST" and findstr(http_content,"SessionId=",10,'&') != ""} {set session [findstr(http_content,"SessionId=",10,'&')]}
if { $session != "" } {LB:detachpersist uie [ $session ]}}when HTTP_RESPONSE {set session ""check for SessionId Cookieif { [HTTP::cookie exists "SessionId"] } {if { [HTTP::cookie "SessionId"] != "" } {set session [HTTP::cookie "SessionId"]}}check for Set-Cookie header with SessionIdelse if {[HTTP::header count "Set-cookie" ] > 0 } {set all_set_cookies [HTTP::header "Set-cookie" ]foreach one_set_cookie $all_set_cookies {if { $one_set_cookie contains "SessionId" } {set session [ findstr($one_set_cookie,"SessionId=",10,';') ]}}}check for SessionId in the bodyXML response idelse if { findstr(http_content,"SessionId>",9,'<') != "" } {set session [findstr(http_content,"SessionId>",9,'<')]}if { $session != "" } {persist add uie [ $session ]}}}
Michael_YatesHi stephent,
You may want to take a look at this example. It is very similar in purpose and much simpler in application:
ASP Session ID Persistence