Re: HAProxy 1.7.5 cookie JSESSIONID prefix not working

Tue, 30 May 2017 14:57:02 -0700 

Hi Norman,

Le 30/05/2017 à 23:39, Norman Branitsky a écrit :

I modified the server line thus:

server id-dv-dcavr-01 10.90.10.53:9001 check cookie id-dv-dcavr-01



Now the server name appears as a prefix with a "~" separator.

(It used to appear as a suffix with a "." separator.)
No, appsession never did that. It doesn't modify the cookie value. If a suffix was added, it was done by the application server, I guess the jvmRoute parameter in your case. I suspect you have also modified the configuration of you app servers and didn't set this parameter during the switch from haproxy 1.5 to 1.7. 



JSESSIONID=id-dv-dcavr-01~E8C5XXXXXXXXE4A2; path=/le5;
domain=cadca-vr.irondatacorp.com; Secure; HttpOnly



I can now successfully login to the 2 different servers.



You ask

“Also, why not use a dedicated cookie for haproxy, instead of humping
JSESSIONID?”

Frankly, this never occurred to me.

When I started with HAProxy 1.5, 4 years ago,

I looked for example configurations for fronting JBoss and Tomcat.

The documentation always referred to:

appsession JSESSIONID len 52 timeout 3h



Are you suggesting I do something like this instead?

cookie HAPROXYID insert nocache



-----Original Message-----
From: Lukas Tribus [mailto:[email protected]]
Sent: May-30-17 5:00 PM
To: Norman Branitsky <[email protected]>; [email protected]
Subject: Re: HAProxy 1.7.5 cookie JSESSIONID prefix not working



Hello Norman,





Am 30.05.2017 um 18:06 schrieb Norman Branitsky:






The server’s identifier is not added to the cookie.








Did you specify the cookie value on the server line [1], as per [2]:




The value of the cookie will be the value indicated after the



"cookie<https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#



>" keyword in a "server





<https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#server>"
statement. If no cookie is declared for a given server, the cookie is
not set.





Also, why not use a dedicated cookie for haproxy, instead of humping
JSESSIONID?

Do you have clients so broken they support only one single cookie?







Regards,

Lukas





[1] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#4.2-cookie

[2] https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#5.2-cookie




--
Cyril Bonté

Reply via email to