For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Moose224_63566's avatar
Moose224_63566
Icon for Nimbostratus rankNimbostratus
Mar 12, 2010

WebLogic Persistence issue.

We have deployed several BEA WebLogic applications, all with JSessionID persistence, without issue.

 

 

Now we are deploying a new Application using a renamed JSessionID cookie for persistence, and we are seeing issues with finding the value in our persistence table consistently. Watching communication, we see will see a number of requests hit the iRule we are using, and find the persistence record, and persist. Every now and then it will not find a value for persistence, and load balance to an improper server. Anyone have any ideas?

 

 

Note: We are also doing some static content separation to an Apache farm.

 

 

 

 

when HTTP_REQUEST {

 

if { [ matchclass [HTTP::path] ends_with $::WLfiles ] } {

 

WebLogic Request

 

pool weblogic_pool

 

if { [HTTP::cookie exists "CookieID"] } {

 

set PersistValue [persist lookup uie [HTTP::cookie "CookieID"]]

 

if {$PersistValue eq ""} {

 

log local0.info "no persistance found, even though cookie exists"

 

}

 

persist uie [HTTP::cookie "CookieID"]

 

}

 

} else {

 

Static Request

 

pool Static-Content_pool

 

}

 

}

 

when HTTP_RESPONSE {

 

if { [HTTP::cookie exists "CookieID"] } {

 

persist add uie [HTTP::cookie "CookieID"] 3600

 

}

 

}
application delivery
dev
devops
iRules

3 Replies

  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Mar 13, 2010
    what is the format of your cookie? It's been awhile, but in an environment I've worked in it was <52characterString>!! or something like that. Sometimes, the server IDs would change coming back from the app, tanking persistence when using the whole cookie. I stripped off the serverID stuff and just went with the ID itself using getfield:

     

     

    [getfield [HTTP::cookie "CookieID"] "!" 1]

     

     

    Not sure this is your same scenario, but something to consider.
  • brad_11480's avatar
    brad_11480
    Icon for Nimbostratus rankNimbostratus
    Nov 16, 2011
    Our Weblogic persistence uses a cookie insert persistence method. This seems to be what the F5 guide and the BEA Weblogic template uses as well.

     

     

    It works _most_ of the time. However, we do see entries in the weblogic logs that indicate that from time to time a request comes in and falls on the wrong server (not the primary or secondary weblogic server). That puts weblogic into a recovery state to reconstruct the session on the server that it arrived on.

     

     

    Sounds very similar to the situation Moose reports above. Thanks for the code snippet. I think I can use it for a variation to log when this occurs and capture some information to try to determine what happened.

     

     

    I'd also be interested in anyone who has found a solution to this situation. Save me the work of trying figure this one out-- guessing it will take a bit to do that.

     

     

    Thanks!
  • hoolio's avatar
    hoolio
    Icon for Cirrostratus rankCirrostratus
    Nov 16, 2011
    Hi Brad,

     

     

    On a tangent, you could try an iRule which uses the primary and secondary session mirroring and tokens on Weblogic to persist clients:

     

     

    http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/asg/50/aft/1171255/showtab/groupforums/Default.aspx1172496

     

     

    Make sure to add a OneConnect profile to the virtual server.

     

     

    Aaron