Forum Discussion
Chris_Schaerli_
Nimbostratus
NimbostratusTracking session in soap header?
I have been going though the board looking for something to help me with a session persistence issue. I have some transactions I need to set persistence on and I can’t use source IP or cookie. The only thing I have been able to find is a value in the soap header that is unique per session. I have not been able to figure out how to pull that out.
Can anyone suggest a place to start? Here is a snip of the soap header. I need to track on the “soapenc” value.
Jz8rPz8/eAVeJT8/Pz8/KT8/PzA/BD8/Pxd4Pz9LPxg/P2M/Pz8/Pz8/P1I/LT8rP18=
25 Replies
- 1.) There's no reason to split this into two rules. It's quite normal to have the request and response portion in the same iRule.
2.) The error you're seeing is because you need to supply an integer value for the HTTP::collect command. It looks like the interpreter is being picky about the fact that you're supplying a substitution that you're hoping turns out to be an integer, not a raw integer. Try placing an integer value there instead. I'll look into whether we can make this a little more tolerant.
Colin 
Chris_Schaerli_Colin,
I am not sure what you mean by plugging an integer value in.
I split the rule into two rules to test them. For this block I get the TCL error.
when HTTP_RESPONSE {
collect the payload containing the REPLY data
HTTP::collect [HTTP::header Content-Length]
}
when HTTP_RESPONSE_DATA {
look for persistence data beginning the 59th character following the 'xmlns:soapenc=' string & ending @ "<" char
and follow existing persistence record or create a new one
persist uie [findstr [HTTP::payload] xmlns:soapenc= 58 <]
log local0. [findstr [HTTP::payload] xmlns:soapenc= 58 <]
}
You need to set a value for the collect length, and there most likely is not a Content-Length header in the chunked response (typical for XML payloads since they are mostly dynamic). More on that later, though, as I think we need to more clearly define the problem we are trying to solve -- if the desired persistence data is in the response rather than the request, you will need to change the logic a bit.
I assumed the data was in the request, but now it's unclear.
Is the data you want to persist on in the response only?
/deb- Chris_Schaerli_Initially I thought the soap header was generated on the client side.
What is happening is the client generates an authentication attempt. The reply from the server contains the soap header value I want to set persistence on. The client then passes a data request with the same soap header.
The bigip is not sending that request back to the same node it authenticated to so the server that gets the request sees it as an unauthenticated request. - Chris_Schaerli_Deb,
I had someone else who is working on this issue point out a post which has kind of what I think I am looking for.
http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&forumid=5&postid=8606
Dennypayne posted an Irule that sets persistence after the client connection is accepted. It is using a uri instead of a header value, but I figure I could adapt it using the findstr command. What do you think? - Ah, got it.
Then we need to know the name of the response header and the value contained in it to adjust the iRule to write a persistence table entry in the response event.
/deb - (didn't see your other post)
This thread has response event logic similar to what you'd need to add to the request bit we've already worked out.
http://devcentral.f5.com/Default.aspx?tabid=53&view=topic&forumid=5&postid=13876 (Click here
So something like this, replacing/adjusting the findstr command in HTTP_RESPONSE to match your situation:when HTTP_REQUEST { collect the payload containing the POST data HTTP::collect [HTTP::header Content-Length] } when HTTP_REQUEST_DATA { persist on data from 59th character following 'xmlns:soapenc=' up to "<" follow existing persistence record or create a new one persist uie [findstr [HTTP::payload] xmlns:soapenc= 58 <] log local0. "Request SessionID is: >[findstr [HTTP::payload] xmlns:soapenc= 58 <]<" } when HTTP_RESPONSE { set SessionId [findstr [HTTP::header SOAPheader] "xmlns:soapenc=" 58 <] log local0. "Response SessionId is: >$SessionId<" if { $SessionId != "" }{ persist add uie $SessionId } } - Chris_Schaerli_I grabbed Dennypayne's Irule and updated it with the findstr that was working earlier. I am getting three errors when I try to save the rule.
when CLIENT_ACCEPTED {
set add_persist 1
when HTTP_RESPONSE {
set uid [findstr [HTTP::payload] xmlns:soapenc= 58 <] "uid=" 5 "&"]
if { $uid != "" and $add_persist} {
log local0. "Adding persist value to table: $uid"
persist add uie $uid
set add_persist 0
}
when HTTP_REQUEST {
set fulluri [HTTP::uri]
set uid [findstr [HTTP::payload] xmlns:soapenc= 58 <] "uid=" 5 "&"]
if { $uid != "" } {
log local0. "Using persist value uid: $uid | $fulluri"
persist uie $uid
} else {
log local0. "No uid found in HTTP REQUEST | $fulluri"
}
} - Chris_Schaerli_Let me give that a shot. Thanks Deb
- Chris_Schaerli_Ok so sort of works. When we use a test harness I can see the response getting set then the data request, but the response back is not the soap session id it is the actual data payload.
Wed Jun 20 18:26:20 CDT 2007 tmm tmm[1044] Rule test2 HTTP_REQUEST_DATA: su
Wed Jun 20 18:26:27 CDT 2007 tmm tmm[1044] Rule test2 HTTP_RESPONSE: Response SessionId is: Kw8/Pz9ZAgQ/PwQHNCwxVGhgPyJjPxItZF4/Ej8/I1pgPz9lP0A/Pz9jH0FeTHpjST8=
Wed Jun 20 18:26:27 CDT 2007 tmm tmm[1044] Rule test2 HTTP_REQUEST_DATA: Kw8/Pz9ZAgQ/PwQHNCwxVGhgPyJjPxItZF4/Ej8/I1pgPz9lP0A/Pz9jH0FeTHpjST8=
Wed Jun 20 18:26:32 CDT 2007 tmm tmm[1044] Rule test2 HTTP_RESPONSE: Response SessionId is: lt?xml version=quot1.0quot encoding=quotUTF-8quot?gtltclaimgt lfooCodeShortgt020lt/fooCodeShortgt fooCodeLonggt020 - foolt/fooCodeLonggt foolt/groupgt ltparentGroupgtnulllt/parentGroupgt lt/foo
Wed Jun 20 18:26:32 CDT 2007 tmm tmm[1044] 01220001 TCL error: Rule test2 HTTP_RESPONSE - bad option version=quot1.0quot: must be any, virtual, service, or pool while executing persist add uie $SessionId
