Forum Discussion

Anirban's avatar
Anirban
Icon for Nimbostratus rankNimbostratus
Aug 13, 2022
Solved

Payload string based persistence

1) CLient sent HTTP request with user id and password

2) Server responds with SESSIONID in XML file after successfull login.

3) CLient sent HTTP request with SESSIONID in xml file ecery time

4) Server responds data, but no SESSIOnID

5) Client send HTTP request with SESSIONID in xml file

************************************************************************

when HTTP_RESPONSE {
if {[string length [findstr [HTTP::payload] "<return>" 8 "</return>"]] == 30}
{
set SESSIONID_RS [findstr [HTTP::payload] "<return>" 8 "</return>"]
log local0. "Response SessionID: $SESSIONID_RS"
persist uie add $SESSIONID_RS
else { persist source_address}

}
}
when HTTP_REQUEST {
if {[string length [findstr [HTTP::payload] "<arg0>" 6 "</arg0>"]] == 30}
{

set SESSIONID_RQ [findstr [HTTP::payload] "<arg0>" 6 "</arg0>"]
log local0. "Request SessionID: $SESSIONID_RQ"
persist uie $SESSIONID_RQ
}
}

**************************************************************

We want to create a perssitence rule on the basis of SESSIONID.

 

I am able to log the sessionID, but persistence is not working. Please suggest

 

I am new to iRule and Community so attaching iRule in JPEG attachment I cant paste in body(Dont know why?)

  • Hi Anirban, you will very likely have to start collecting the data and lookup the collected payload in the context of the HTTP_RESPONSE_DATA event.

    There is a how-to in the event man page for HTTP_RESPONSE_DATA. 

    Please make also sure to remove the Accept-Encoding header in the context of HTTP_REQUEST. Header manipulation is described here: HTTP::header. By removing the Accept-Encoding header you prevent the server from sending compressed data.

    Please check, if the payload send by the client has the Expect header (Expect: 100). Let me know, if this is the case. I had a similar issue a while ago and may have a solution based on collecting CLIENT_DATA or CLIENTSSL_DATA.

3 Replies

  • Hi Anirban, you will very likely have to start collecting the data and lookup the collected payload in the context of the HTTP_RESPONSE_DATA event.

    There is a how-to in the event man page for HTTP_RESPONSE_DATA. 

    Please make also sure to remove the Accept-Encoding header in the context of HTTP_REQUEST. Header manipulation is described here: HTTP::header. By removing the Accept-Encoding header you prevent the server from sending compressed data.

    Please check, if the payload send by the client has the Expect header (Expect: 100). Let me know, if this is the case. I had a similar issue a while ago and may have a solution based on collecting CLIENT_DATA or CLIENTSSL_DATA.

  • Thanks a lot.....

    I have configured as below as per your suggestion

    when HTTP_RESPONSE {
    if {[string length [findstr [HTTP::payload] "<return>" 8 "</return>"]] == 30}{
    if {[HTTP::header "Content-Length"] ne "" && [HTTP::header "Content-Length"] <= 1048576}{
    set content_length [HTTP::header "Content-Length"]
    } else {
    set content_length 1048576
    }
    if { $content_length > 0} {
    HTTP::collect $content_length
    }
    }
    }
    when HTTP_RESPONSE_DATA {
    persist add uie [findstr [HTTP::payload] "<return>" 8 "</return>"] 1800
    log local0. "Responset SessionID: [findstr [HTTP::payload] "<return>" 8 "</return>"]"
    }

    when HTTP_REQUEST {
    if {[string length [findstr [HTTP::payload] "<arg0>" 6 "</arg0>"]] == 30}{
    if {[HTTP::header "Content-Length"] ne "" && [HTTP::header "Content-Length"] <= 1048576}{
    set content_length [HTTP::header "Content-Length"]
    } else {
    set content_length 1048576
    }
    if { $content_length > 0} {
    HTTP::collect $content_length
    }
    }
    }
    when HTTP_REQUEST_DATA {
    persist uie [findstr [HTTP::payload] "<arg0>" 6 "</arg0>"] 180
    log local0. "Request SessionID: [findstr [HTTP::payload] "<arg0>" 6 "</arg0>"]"
    }

    Its working 90% of the time but not all time.

    Observation:

    When F5 receive Request SessionID first then it started malfunctioning(10% time). I dont know why F5 can not extract Response SessionID from RESPONSE_DATA all the time.