For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

David_L_'s avatar
David_L_
Icon for Nimbostratus rankNimbostratus
Sep 07, 2007

SSL-Termination Persistence

I need to enable persistence for an SSL-terminated connection on a version 9.4.1 LTM.   The Configuration Guide and these forums indicate that SSL Persistence is not supported for SSL-terminated co...
application delivery
dev
devops
iRules
David_L_'s avatar
David_L_
Icon for Nimbostratus rankNimbostratus
Sep 07, 2007
OK - To update this in case anyone is listening - I've copied/written/modified a rule that meets this requirement. There's one part I can't get to work correctly though - any thoughts would be appreciated.

 

 

The part that doesn't work is the "persist delete" statement. The goal is to delete the persistence record if the user logs out. The "if" statement is being evaluated properly, but the "persist delete" statement does not seem to be doing anything. The record remains until its 1800 second timeout.

 

 

 

when CLIENT_ACCEPTED {

 

set add_persist 1

 

}

 

when HTTP_RESPONSE {

 

if { [HTTP::cookie exists "JSESSIONID"] and $add_persist } {

 

persist add uie [HTTP::cookie "JSESSIONID"] 1800

 

set add_persist 0

 

}

 

}

 

when HTTP_REQUEST {

 

if { [HTTP::cookie exists "JSESSIONID"] } {

 

if { [HTTP::uri] ends_with "logout.do"} {

 

persist delete uie [HTTP::cookie "JSESSIONID"]}

 

else {

 

persist uie [HTTP::cookie "JSESSIONID"] 1800

 

}

 

}

 

}