cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Problem this snippet solves:

This iRule was created to persist user sessions on the same web server based upon ASP.NET_SessionId cookie. Many of the samples on the site did not work effectively in our environment. The issues stemmed from the fact that the cookie was being grabbed and sesssion persisted only on the HTTP_Request and not on the initial HTTP_Response when the ASP.NET_SessionId cookie is first set. This caused issues allowing traffic to potentially jump servers between the 1st and 2nd request.

I would welcome any/all feedback on this or if you think it can be made more efficient.

Code :

when HTTP_REQUEST {
         if { [HTTP::cookie exists "ASP.NET_SessionId"] } {
             LB::detach
         }
         set SessionId [HTTP::cookie ASP.NET_SessionId]
if { $SessionId ne "" } { persist uie $SessionId }
}

when HTTP_RESPONSE {
#log local0. "Response SessionId is: $SessionId from Set-Cookies: [HTTP::header values Set-Cookie]"
         if {[HTTP::header exists "Set-Cookie"]} { 
    foreach cookievalue [HTTP::header values "Set-Cookie"] { 
                 if { $cookievalue contains "ASP.NET_SessionId" } {
                    set SessionId [findstr $cookievalue "ASP.NET_SessionId" 18 ";"]
                    if { $SessionId ne "" } { persist add uie $SessionId }
                    #log local0. "Persist record [persist lookup uie $SessionId]"
        }
             }
         }
}
Comments
Hugo_Fernandes_
Nimbostratus
Nimbostratus

It just works!!! 🙂 Thx!

 

Version history
Last update:
‎18-Mar-2015 16:06
Updated by:
Contributors