Forum Discussion

Nimbostratus

Dec 01, 2014

sessions without session cookies

Hi ! I'm writing an access policy for a legacy SOAP webservice. Clients are stateless, they do not recognize session cookies and do not resend them on subsequent requests. Clients do send a basic a...

application delivery

BIG-IP Access Policy Manager (APM)

Nimbostratus

Dec 08, 2014

I got advice from Per Bøe and was able to adapt the approach in default iRule

_sys_APM_activesync

The trick was to

create a user_key from the basicauth header
On ACCESS_SESSION_STARTED, write the user_key to session.user.uuid:
```
ACCESS::session data set "session.user.uuid" $user_key
```
On subsequent HTTP_REQUEST's, find matching sessions by
```
ACCESS::user getsid $user_key
```
and reuse them

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

sessions without session cookies

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

MCP Session Affinity With F5 NGINX Plus

TLS Stateful vs Stateless Session Resumption

Agility sessions announced

F5 XC Session tracking with User Identification Policy

Session Table Control

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS