Forum Discussion

Brian_Miller_01's avatar
Brian_Miller_01
Icon for Nimbostratus rankNimbostratus
Apr 02, 2014

Start Transaction Request ignored using SOAP header <session> element

iControl is ignoring a start_transaction request using SOAP directly with the SOAP Header session element. For technical reasons, I am unable to use an HTTP Header. Does anyone have an idea of why this is the case?

 

See the comment below for the SOAP code segments.

 

  • I've reformatted the sections of XML so that they display correctly. iControl is ignoring a start_transaction request using SOAP directly with the SOAP Header session element. For technical reasons, I am unable to use an HTTP Header. Does anyone have an idea of why this is the case? Using SOAP directly, I'm requesting a Session ID: ~~~ ~~~ iControl returns the Session ID, 31: ~~~ HTTP/1.1 200 OK Date: Wed, 02 Apr 2014 22:22:34 GMT Server: Apache Set-Cookie: BIGIPAuthCookie=*****; path=/; Secure; HttpOnly Set-Cookie: BIGIPAuthUsernameCookie=*****; path=/; Secure; HttpOnly SOAPServer: EasySoap++/0.6 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self' https://sentinel.whitehatsec.com https://api.ctscloud.com https://key.ctscloud.com 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=16070400; includeSubDomains Keep-Alive: timeout=4, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/xml; charset="UTF-8" 31 ~~~ Using the Session ID of 31, I send a Start Transaction Request: ~~~ 31 ~~~ iControl returns: ~~~ HTTP/1.1 200 OK Date: Wed, 02 Apr 2014 22:23:58 GMT Server: Apache Set-Cookie: BIGIPAuthCookie=*****; path=/; Secure; HttpOnly Set-Cookie: BIGIPAuthUsernameCookie=*****; path=/; Secure; HttpOnly SOAPServer: EasySoap++/0.6 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self' https://sentinel.whitehatsec.com https://api.ctscloud.com https://key.ctscloud.com 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=16070400; includeSubDomains Keep-Alive: timeout=4, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/xml; charset="UTF-8" 0 ~~~ The subsequent Create Node request executes immediately instead of being queued with the transaction, despite having the same Session ID included: ~~~ 31 myTestNode4 192.168.1.14 5 ~~~ iControl responds and the Address node is immediately created: ~~~ HTTP/1.1 200 OK Date: Wed, 02 Apr 2014 22:26:14 GMT Server: Apache Set-Cookie: BIGIPAuthCookie=*****; path=/; Secure; HttpOnly Set-Cookie: BIGIPAuthUsernameCookie=*****; path=/; Secure; HttpOnly SOAPServer: EasySoap++/0.6 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Security-Policy: default-src 'self' https://sentinel.whitehatsec.com https://api.ctscloud.com https://key.ctscloud.com 'unsafe-inline' 'unsafe-eval' Strict-Transport-Security: max-age=16070400; includeSubDomains Keep-Alive: timeout=4, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/xml; charset="UTF-8" ~~~
  • It turns out that the transaction timeout was expiring. It's set by default to 5 seconds, and since I was performing each request manually, I exceeded the timeout. I used the set_transaction_timeout request, which is specific to each session, to work around it.