Forum Discussion

Shyam_Shukla's avatar
Shyam_Shukla
Icon for Nimbostratus rankNimbostratus
Aug 19, 2019

Error setting Cookie from iRule SIdeband

Hello All,

 

Requirement: After SAML authentication (configured in per-session policy), F5 should be able to call our custom HTTP service running at remote server. Our custom service sets one cookie (app_cookie) and which should be passed to user's browser by F5.

 

To implement above requirement, I Implemented following Sideband iRule which is called from iRule Event (from per-session policy).

This iRule reports below when code line "Set-Cookie ${val}" is executed.

 

<ERROR>

Aug 19 20:43:36 xhd-tvapf5poc01 err tmm3[11138]: 01220001:3: TCL error: /Common/RemoteCallForPartnerApps <ACCESS_SESSION_STARTED> - invalid command name "Set-Cookie app_cookie=HelloWorld!; Domain=.company.com; Expires=Tue, 20-Aug-2019 00:43:36 GMT; Path=/"    while executing ""Set-Cookie ${val}""    ("foreach" body line 7)    invoked from within "foreach {nam val} $headers {            log local0.debug "nam is $nam"                         log local0.debug "val is $val"                     i..."

</ERROR>

 

 

 

when ACCESS_SESSION_STARTED {

#using HSSR super sideband irule

log local0.debug "Entered sideband irule"

 

set sts [call /Common/HSSR::http_req -uri "http://<REMOTE_SERVER>/service" \

 -rcookies cookies -rheaders headers -state hstate]

 

   if { ([lsearch $cookies "app_cookie"] >= 0) } {

 

       log local0.debug "cookies is $cookies"           

       #pass server cookies to client

 

       foreach {nam val} $headers {

           log local0.debug "nam is $nam"

           log local0.debug "val is $val"

 

           if {[string tolower $nam] eq "set-cookie"} {

             "Set-Cookie ${val}"

             break

           }

       }

 

  }

}

 

Appreciate your help to troubleshoot this issue or suggest anyother option to implement above requirement.

 

Thanks,

Shyam