For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Tuomas_Jormola_'s avatar
Tuomas_Jormola_
Icon for Nimbostratus rankNimbostratus
Apr 17, 2008

Strange things happening while attempting universal persistence using JSESSIONID

Hi, I'm setting up a Java web application behind a pair of F5 BIG-IP LTMs running operating system version 9.3.1. The application is hosted on a cluster of machines running Resin servlet conta...
application delivery
dev
devops
iRules
Tuomas_Jormola_'s avatar
Tuomas_Jormola_
Icon for Nimbostratus rankNimbostratus
Apr 18, 2008
Hi,

 

 

Posted By kevin.stewart on 04/17/2008 6:44 AM

 

 

I may be missing something in your explanation, but is there a specific reason that you cannot use the BigIP builtin cookie persistence mechanism? With this the BigIP sends its own cookie to the client that indicates the LB node.

 

 

Kevin

 

 

 

We want to minimize the number of cookies sent, and since a session id is already made available by the application, and the BIG-IP is supposed to be able to utilizie it, why not use that.

 

Also in the future, the requirements might change so that we can't use cookies at all,

 

in which case the application server is configured to deliver the session id in the request uri.

 

In order to support this, we would have to write a universal persistence profile anyway.