Forum Discussion

quickref_74249's avatar
quickref_74249
Icon for Nimbostratus rankNimbostratus
Nov 23, 2011

ASP stickiness with multiple cookies

Hi, i know that there's is already a codeshare example for this kind of stickiness but i need an extension and i don't know how to set up the rule.

 

I set up the following IRule:

 

when HTTP_REQUEST {

 

set SessionId [HTTP::cookie ASP.NET_SessionId]

 

log local0. "Request SessionId is: $SessionId"

 

if { $SessionId != "" } { persist uie $SessionId }

 

}

 

when HTTP_RESPONSE {

 

set SessionId [findstr [HTTP::header Set-Cookie] "ASP.NET_SessionId" 18 24]

 

log local0. "Response SessionId is: $SessionId"

 

if { $SessionId != "" }{ persist add uie $SessionId }

 

}

 

which works fine for the request but not the response. the problem is that the server sends 4 'Set-Cookie' statements and the 'ASP.NET_SessionId' is the first one in the list.

 

this is what the server responds:

 

Set-Cookie: ASP.NET_SessionId=edfozx45o40stpfgnbtue045; path=/; HttpOnly

 

Set-Cookie: EPowerV4Users=carrefourvoyagesb2b=13_user; path=/

 

Set-Cookie: EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/

 

Set-Cookie: VisitorID=1703234c-e2be-45a4-a9c3-29183aa09fde; expires=Fri, 23-Nov-2012 07:55:38 GMT; path=/

 

X-Powered-By: ASP.NET

 

i found in the wiki the statement forn http:header:

 

'Note that the command will operate on the value of the last header if there are multiple headers with the same name'

 

So i would need now an expension of the rule to look at all 'Set-Cookie' headers and apply stickieness

 

based on the asp session id.

 

I tried to put together bits and pieces from different other rules but it seems that my skills are not good enough to get it working.

 

Can someone please help me.

 

application delivery
dev
devops
iRules

9 Replies

Sort By
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2011
    there is HTTP::header values which will return value of all the header. so, you can go through each of them. can you try?

     

     

    HTTP::header wiki

     

    http://devcentral.f5.com/wiki/iRules.HTTP__header.ashx
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2011
    e.g. 

    [root@ve1023:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config  b rule myrule list
rule myrule {
   when HTTP_RESPONSE {
        foreach acookie [HTTP::header values "Set-Cookie"] {
                log local0. "$acookie"
        }
}
}

[root@ve1023:Active] config  curl -I http://172.28.19.79
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2011 14:57:09 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Set-Cookie: ASP.NET_SessionId=edfozx45o40stpfgnbtue045; path=/; HttpOnly
Set-Cookie: EPowerV4Users=carrefourvoyagesb2b=13_user; path=/
Set-Cookie: EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/
Set-Cookie: VisitorID=1703234c-e2be-45a4-a9c3-29183aa09fde; expires=Fri, 23-Nov-2012 07:55:38 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8

[root@ve1023:Active] config  
Nov 23 06:56:55 local/tmm info tmm[23027]: Rule myrule : ASP.NET_SessionId=edfozx45o40stpfgnbtue045; path=/; HttpOnly
Nov 23 06:56:55 local/tmm info tmm[23027]: Rule myrule : EPowerV4Users=carrefourvoyagesb2b=13_user; path=/
Nov 23 06:56:55 local/tmm info tmm[23027]: Rule myrule : EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/
Nov 23 06:56:55 local/tmm info tmm[23027]: Rule myrule : VisitorID=1703234c-e2be-45a4-a9c3-29183aa09fde; expires=Fri, 23-Nov-2012 07:55:38 GMT; path=
  • quickref_74249's avatar
    quickref_74249
    Icon for Nimbostratus rankNimbostratus
    Nov 23, 2011
    hi Nitass,

     

     

    this part works fine. i get in the log:

     

     

    Nov 23 15:05:21 local/tmm3 info tmm3[6717]: Rule myrule : ASP.NET_SessionId=z3kdws45wkakfnajv0aj3z45; path=/; HttpOnly

     

    Nov 23 15:05:21 local/tmm3 info tmm3[6717]: Rule myrule : EPowerV4Users=carrefourvoyagesb2b=13_user; path=/

     

    Nov 23 15:05:21 local/tmm3 info tmm3[6717]: Rule myrule : EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/

     

    Nov 23 15:05:21 local/tmm3 info tmm3[6717]: Rule myrule : VisitorID=82873d2d-f176-4d68-916c-f8195c4f6b7f; expires=Fri, 23-Nov-2012 15:05:22 GMT; path=/

     

     

     

     

  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2011
    So i would need now an expension of the rule to look at all 'Set-Cookie' headers and apply stickieness

     

    based on the asp session id.so, are you able to do this part?
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2011
    can you try this? anyway, sorry i have not yet tested it. 

    [root@ve1023:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
        set SessionId [HTTP::cookie ASP.NET_SessionId]
         log local0. "Request SessionId is: $SessionId"
        if {$SessionId != ""} {persist uie $SessionId}
}
when HTTP_RESPONSE {
        foreach acookie [HTTP::header values "Set-Cookie"] {
                set SessionId [findstr $acookie "ASP.NET_SessionId" 18 24]
                 log local0. "Response SessionId is: $SessionId"
                if {$SessionId != ""}{persist add uie $SessionId}
        }
}
}
  • quickref_74249's avatar
    quickref_74249
    Icon for Nimbostratus rankNimbostratus
    Nov 23, 2011
    that one did the trick. thank you very much for your help. i won't say that i wasted half of the day as i learned a lot about IRules but without your help i think i would been lost for some more time.

     

  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Nov 23, 2011
    HTTP::cookie ASP.NET_SessionId will return the value for the (last) ASP.NET_SessionId cookie, regardless of how many other cookies are set in the response. So you shouldn't need to parse the Set-Cookie headers anyhow.

    Your first iRule should be working as is. If it's not you could add more debug logging to it: 

    when HTTP_REQUEST {
set SessionId [HTTP::cookie ASP.NET_SessionId]
log local0. "[IP::client_addr]:[TCP::client_port]: Request SessionId is: $SessionId"
if { $SessionId != "" } { persist uie $SessionId 3600 }
}
when LB_SELECTED {
log local0. "[IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when LB_FAILED {
log local0. "[IP::client_addr]:[TCP::client_port]: Failed [LB::server]"
}
when SERVER_CONNECTED {
log local0. "[IP::client_addr]:[TCP::client_port]: Connected [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {
set SessionId [findstr [HTTP::cookie "ASP.NET_SessionId"] 18 24]
log local0. "[IP::client_addr]:[TCP::client_port]: "Response SessionId is: $SessionId from Set-Cookies: [HTTP::header values Set-Cookie]"
if { $SessionId != "" }{
persist add uie $SessionId 3600
log local0. "[IP::client_addr]:[TCP::client_port]: Persist record [persist lookup uie $SessionId]"
}
}

    Also, you should add a OneConnect profile to the virtual server to ensure each request is evaluated for persistence. If you're using SNAT you can use the default OneConnect profile with a /0 source mask. Else if you're not using serverside source address translation, create a custom OneConnect profile with the source mask set to /32. See this article for details:

    http://devcentral.f5.com/wiki/AdvDesignConfig.ONECONNECT.ashx

    Aaron
  • nitass's avatar
    nitass
    Icon for Employee rankEmployee
    Nov 23, 2011
    Aaron,

    noted with thanks. by the way, i think you might forget to change HTTP::header to HTTP::cookie in HTTP_RESPONSE event.

    this is my testing. 

    [root@ve1023:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:80
   ip protocol 6
   rules myrule
   profiles {
      http {}
      tcp {}
   }
}
[root@ve1023:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {

    set SessionId [HTTP::cookie ASP.NET_SessionId]
    log local0. "[IP::client_addr]:[TCP::client_port]: Request SessionId is: $SessionId"
    if { $SessionId != "" } { persist uie $SessionId 3600 }
}
when LB_SELECTED {
    log local0. "[IP::client_addr]:[TCP::client_port]: Selected [LB::server]"
}
when LB_FAILED {
    log local0. "[IP::client_addr]:[TCP::client_port]: Failed [LB::server]"
}
when SERVER_CONNECTED {
    log local0. "[IP::client_addr]:[TCP::client_port]: Connected [IP::server_addr]:[TCP::server_port]"
}
when HTTP_RESPONSE {

    set SessionId [findstr [HTTP::header Set-Cookie] "ASP.NET_SessionId" 18 24]
    set SessionId [HTTP::cookie "ASP.NET_SessionId"]
    log local0. "[IP::client_addr]:[TCP::client_port]: Response SessionId is: $SessionId from Set-Cookies: [HTTP::header values Set-Cookie]"
    if { $SessionId != "" }{
        persist add uie $SessionId 3600
        log local0. "[IP::client_addr]:[TCP::client_port]: Persist record [persist lookup uie $SessionId]"
    }
}
}

[root@ve1023:Active] config  curl -I http://172.28.19.79
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2011 22:04:39 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Fri, 11 Nov 2011 14:48:14 GMT
ETag: "4183e4-3e-9c564780"
Accept-Ranges: bytes
Content-Length: 62
Set-Cookie: ASP.NET_SessionId=edfozx45o40stpfgnbtue045; path=/; HttpOnly
Set-Cookie: EPowerV4Users=carrefourvoyagesb2b=13_user; path=/
Set-Cookie: EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/
Set-Cookie: VisitorID=1703234c-e2be-45a4-a9c3-29183aa09fde; expires=Fri, 23-Nov-2012 07:55:38 GMT; path=/
Connection: close
Content-Type: text/html; charset=UTF-8

[root@ve1023:Active] config  
Nov 23 14:04:25 local/tmm info tmm[23027]: Rule myrule : 172.28.19.80:56914: Request SessionId is:
Nov 23 14:04:25 local/tmm info tmm[23027]: Rule myrule : 172.28.19.80:56914: Selected foo 200.200.200.101 80
Nov 23 14:04:25 local/tmm info tmm[23027]: Rule myrule : 172.28.19.80:56914: Connected 200.200.200.101:80
Nov 23 14:04:25 local/tmm info tmm[23027]: Rule myrule : 172.28.19.80:56914: Response SessionId is: edfozx45o40stpfgnbtue045 from Set-Cookies: {ASP.NET_SessionId=edfozx45o40stpfgnbtue045; path=/; HttpOnly} {EPowerV4Users=carrefourvoyagesb2b=13_user; path=/} {EPowerV4UsersCorporates=carrefourvoyagesb2b=agencyantibes; path=/} {VisitorID=1703234c-e2be-45a4-a9c3-29183aa09fde; expires=Fri, 23-Nov-2012 07:55:38 GMT; path=/}
Nov 23 14:04:25 local/tmm info tmm[23027]: Rule myrule : 172.28.19.80:56914: Persist record foo 200.200.200.101 80
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Nov 23, 2011
    Yep, that should have been [HTTP::cookie "ASP.NET_SessionId"] in HTTP_RESPONSE.

     

     

    Aaron