Hello, On Fri, Aug 08, [email protected] wrote: > But, when I migrated system to complex > environment(haproxy+cluster). my browser always could not found this > CASTGC cookie.
Does your browser get the CASTGC cookie if you send your requests directly to your clustered webserver for example to WEB01 in your diagram ? (What version of haproxy are you using ?) > 1. Below, I redraw my architecture by ascii format. > +-------+ > +---> | WEB01 | <---+ > | +-------+ | > +---------+ +---------+ | | > +------------+ > | Browser | <-------> | HAProxy | <---+ +---> | CAS > Server | > +---------+ +---------+ | | > +------------+ > | +-------+ | > +---> | WEB02 | <---+ > +-------+ > > 2. I put whole HAProxy configure: > listen tda_web_http 0.0.0.0:80 > mode http > reqadd X-Forwarded-Proto:\ http > option tcpka > no option http-server-close > stats enable > stats refresh 10s > stats uri /status > stats realm Haproxy\ statistics > log global > timeout server 10m > timeout client 10m > balance source > cookie JSESSIONID prefix > cookie CASTGC indirect preserve secure > capture cookie CASTGC len 63 > option httpclose > option forwardfor > option httplog > server web01 10.10.0.1:8080 cookie web01 weight 50 check > inter 4000 > server web02 10.10.0.2:8080 cookie web02 weight 50 check > inter 4000 How are you trying to achieve session persistence ? Looks like you have "balance source" and "cookie JSESSIONID" / "cookie CASTGC" persistence options in your config. Some of the options are probably redundant. Does your web/cas servers send the CASTGC cookie with secure flag ? Have you tried with tcpdump (on haproxy server) to see what the webservers / browser send/receive ? > 3. Below is our HAProxy's partial debug log : If you need persistence, does your httplog show that all requests that shoud go to same server actually go there ? -Jarno -- Jarno Huuskonen
