justjonathan_15
Apr 22, 2016Nimbostratus
Checking Persistence iRule
Hi all,
We were supplied an iRule to use for a Java based application which gives out a session ID.
Since deploying our F5's to this application, we have noticed strange activity with user sessions, where users are hitting 3 different back-end servers, or receiving "already logged on" multiple times before accessing our systems.
I'm not an expert in TCL/iRule code - and would appreciate if people could advise if the below looks correct, or could even be causing us some problems?
My understanding is that a client hits the HTTP Server, and once they advance to the Java app they receive an APP-sid which then should set the persistence to that specific server.
when HTTP_REQUEST {
log local0. "IP:[IP::client_addr] URI:[HTTP::uri] SSL:[SSL::sessionid]"
if { [HTTP::uri] starts_with "/APP" and [HTTP::header "APP-sid"] ne "LocalSession" } {
if {[persist lookup uie [HTTP::header "APP-sid"]] ne ""} {
log local0. "Using APP-sid: [HTTP::header "APP-sid"]"
persist uie [HTTP::header "APP-sid"]
} else {
log local0. "Using SSL Session- setting APP-sid"
set APPSID [HTTP::header "APP-sid"]
persist uie [SSL::sessionid]
}
} else {
log local0. "Using SSL Session"
persist uie [SSL::sessionid]
}
}
when HTTP_RESPONSE {
if {[info exists APPSID]} {
persist add uie $APPSID
log local0. "Client: [IP::client_addr]: Set persistence for $APPSID : [persist lookup uie $APPSID]"
unset APPSID
}
}
Thanks!