remove dynamic session id in url
I am trying to remove jsessionid from the requested URL. I have tried using irules to do it (with no luck). I see is ASM it is possible according to knowledge article K7513. I created a new policy and set the dynamic session id in url to ;jsessionid=.{32}. It does not appear to be working or maybe I am interpreting it wrong. Is there something more to configuring ASM? Does it take a while to take affect?
the site that I am trying to do this for is a jboss site (unfortunatley I cant do the jsessionid in the backend server). The behavior of the site places a jsessionid in the requested url (it is only visible with developer tools and is at no time put in the URL bar). I pasted the output of curl below and highlighted the jsessionid I need to remove. My ASM is 11.5.4 and I do see that the affected versions of the knowledge article skips that version.
curl 'https://myportal.pricechopper.com/myportal/auth/portal/default/default;jsessionid=1627FB0D31980F1EC4B25D3C23E79BB7' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/61.0' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8' -H 'Accept-Language: en-US,en;q=0.5' --compressed -H 'Referer: https://myportal.pricechopper.com/myportal/' -H 'Cookie: JSESSIONID=1627FB0D31980F1EC4B25D3C23E79BB7; TS01419a0d=0178d08b8ac66a3674cdd363f381d4f894c251c727cea9c4567db44202bd7eabef2a092690c6fe5e7942c6b7a044cdab3119770d63' -H 'Connection: keep-alive' -H 'Upgrade-Insecure-Requests: 1'