Dear HAProxy Community,
This is a follow up on a previous post after doing several additional configuration changes and tests. We would appreciate your insights to resolve the issue we are facing with non-capture of application session cookie in HAProxy logs. HAProxy 1.7.9 provides SSL termination and reverse proxy to our Java-based HTML5 Web application. The application extensively uses WebSockets. This application generates a session cookie that contains a JSESSIONID for session stickiness and authentication. We would like to capture the cookie contained in the request and response. With the configuration below, HAProxy fails to capture the session cookie as per the logs (see below). How could we refine our configuration? Or, is it a known limitation in HAProxy regarding application session cookie? Login page URL loads via HAProxy with a JSESSIONID: https://coscend.com/CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC902 1AEF4CB79 HAProxy.cfg -------------- global . defaults . frontend webapps-frontend bind *:80 name http bind *:443 name https ssl crt "$SSL_CRT_FILE" option forwardfor http-request set-header X-Forwarded-Port %[dst_port] http-request set-header X-Forwarded-Proto https if { ssl_fc } option httplog log global option log-separate-errors . capture cookie JSESSIONID len 63 capture request header Host len 64 . capture response header Server len 20 . acls. acl host_coscend_http req.hdr(Host) coscend.com acl host_coscend_https req.hdr(Host) coscend.com . use_backend subdomain_cc . backend subdomain_cc timeout tunnel 3600s option http-buffer-request http-request set-header Host bk.coscend.local:6080 http-request set-header Origin "bk.coscend.local:6080" stick-table type string len 63 size 20M expire 360m stick store-response res.cook(JSESSIONID) stick match req.cook(JSESSIONID) #stick store-request req.cook(JSESSIONID) acl hdr_location res.hdr(Location) -m found rspirep ^(Location:)\ http://bk.coscend.local:6080/CoscendCC.Test/(.*)$ Location:\ https://coscend.com/CoscendCC.Test/\2 if hdr_location acl hdr_set_cookie_domain res.hdr(Set-cookie) -m found sub Domain=bk.coscend.local rspirep ^(Set-Cookie:.*)\ Domain=bk.coscend.local(.*) \1\ Domain=coscend.com\2 if hdr_set_cookie_domain acl hdr_set_cookie_path_cc_test res.hdr(Set-cookie) -m found sub Path= rspirep ^(Set-Cookie:.*)\ Path=(.*)$ \1\ Path=/CoscendCC.Test\2 if hdr_set_cookie_path_cc_test server CoscendCC.Test bk.coscend.local:6080 cookie cc-tt-d check LOG ------ Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.574] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/7/7 302 139 - - ---- 1/1/0/0/0 0/0 {|coscend.com||} {|||||/CoscendCC.Test|||||||||chunked||||} "GET /CoscendCC.Test HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.574] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/7/7 302 139 - - ---- 1/1/0/0/0 0/0 {|coscend.com||} {|||||/CoscendCC.Test|||||||||chunked||||} "GET /CoscendCC.Test HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.588] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/10/10 302 343 - JSESSIONID=E916C54BB7A9EA30E3EC9021AEF4CB79 ---- 1/1/0/0/0 0/0 {|coscend.com||} {||0|no-cache||./signin;jsessionid=||||||||no-cache|||||} "GET /CoscendCC.Test/ HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.588] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/10/10 302 343 - JSESSIONID=E916C54BB7A9EA30E3EC9021AEF4CB79 ---- 1/1/0/0/0 0/0 {|coscend.com||} {||0|no-cache||./signin;jsessionid=||||||||no-cache|||||} "GET /CoscendCC.Test/ HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.606] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/102/103 200 17936 - - ---- 1/1/0/0/0 0/0 {|coscend.com||} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79 HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.606] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/102/103 200 17936 - - ---- 1/1/0/0/0 0/0 {|coscend.com||} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79 HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/6/7 200 37037 - - ---- 6/6/5/5/0 0/0 {|coscend.com||https://coscend.com/Co} {||36754|private|||||||||||||||} "GET /CoscendCC.Test/css/theme.min.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/6/7 200 37037 - - ---- 6/6/5/5/0 0/0 {|coscend.com||https://coscend.com/Co} {||36754|private|||||||||||||||} "GET /CoscendCC.Test/css/theme.min.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/4/9 200 31354 - - ---- 6/6/4/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||31071|private|||||||||||||||} "GET /CoscendCC.Test/css/theme_om/jquery-ui.min.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/4/9 200 31354 - - ---- 6/6/4/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||31071|private|||||||||||||||} "GET /CoscendCC.Test/css/theme_om/jquery-ui.min.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 [23/Nov/2017:01:29:59.766] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/13 200 226575 - - ---- 6/6/3/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||226247|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.common.min-ver-8A3704789F34B31A2CDF93FA6821B677.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 [23/Nov/2017:01:29:59.766] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/13 200 226575 - - ---- 6/6/3/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||226247|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.common.min-ver-8A3704789F34B31A2CDF93FA6821B677.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.767] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/12/17 200 74365 - - ---- 6/6/2/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||74038|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.default.min-ver-0A155AEB6D10327A05ADE80441C82B72.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.767] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/12/17 200 74365 - - ---- 6/6/2/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||74038|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.default.min-ver-0A155AEB6D10327A05ADE80441C82B72.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/11/18 200 112970 - - ---- 6/6/1/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||112642|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.default.mobile.min-ver-0F7D5348F49A4944681805E12457E9E0.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.768] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/11/18 200 112970 - - ---- 6/6/1/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||112642|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/kendo.default.mobile.min-ver-0F7D5348F49A4944681805E12457E9E0.css HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.757] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/30/34 200 86916 - - ---- 6/6/0/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||86575|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.resource.JQueryResourceRef erence/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 [23/Nov/2017:01:29:59.757] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/30/34 200 86916 - - ---- 6/6/0/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||86575|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.resource.JQueryResourceRef erence/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.806] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/3/3 200 5538 - - ---- 6/6/4/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||5198|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBe havior/res/js/wicket-event-jquery-ver-E34C6FE16C54FE3DF3591290A48A496A.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.806] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/3/3 200 5538 - - ---- 6/6/4/4/0 0/0 {|coscend.com||https://coscend.com/Co} {||5198|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBe havior/res/js/wicket-event-jquery-ver-E34C6FE16C54FE3DF3591290A48A496A.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 [23/Nov/2017:01:29:59.808] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/5 200 49654 - - ---- 6/6/3/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||49313|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBe havior/res/js/wicket-ajax-jquery-ver-F8010FEDC5FD9B05434A6023763E3050.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 [23/Nov/2017:01:29:59.808] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/5 200 49654 - - ---- 6/6/3/2/0 0/0 {|coscend.com||https://coscend.com/Co} {||49313|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBe havior/res/js/wicket-ajax-jquery-ver-F8010FEDC5FD9B05434A6023763E3050.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.808] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/4 200 1972 - - ---- 6/6/2/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||1632|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.markup.html.pages.BrowserI nfoForm/wicket-browser-info-ver-1B39F312E99A7047E967FDBBFE35211B.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.808] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/4/4 200 1972 - - ---- 6/6/2/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||1632|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.wicket.markup.html.pages.BrowserI nfoForm/wicket-browser-info-ver-1B39F312E99A7047E967FDBBFE35211B.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 [23/Nov/2017:01:29:59.794] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/9/21 200 252879 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||252537|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.jquery.ui.resource.JQu eryUIResourceReference/jquery-ui-ver-0A819924D70A18322660DEE759225D2B.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 [23/Nov/2017:01:29:59.794] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/9/21 200 252879 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||252537|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.jquery.ui.resource.JQu eryUIResourceReference/jquery-ui-ver-0A819924D70A18322660DEE759225D2B.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.831] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 810 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||471|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.coscendcc.web.common.MainPanel/ma in-ver-FEAEFD3550212BD00D7AA7077A9284CA.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 [23/Nov/2017:01:29:59.831] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 810 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||471|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.apache.coscendcc.web.common.MainPanel/ma in-ver-FEAEFD3550212BD00D7AA7077A9284CA.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:29:59.803] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/8/46 200 793589 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||793247|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.resource.Kend oUIJavaScriptResourceReference/kendo.ui.core.min-ver-BE95097F3DA64C6922D4916 1284F7AE8.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:29:59.803] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/8/46 200 793589 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||793247|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.resource.Kend oUIJavaScriptResourceReference/kendo.ui.core.min-ver-BE95097F3DA64C6922D4916 1284F7AE8.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.895] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/3/4 200 3284 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||2944|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.wicketstuff.urlfragment.UrlParametersRec eivingBehavior/urlfragment-ver-DBC507E012E2A775149FD09196030D3D.js HTTP/1.1" Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.895] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/3/4 200 3284 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||2944|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/org.wicketstuff.urlfragment.UrlParametersRec eivingBehavior/urlfragment-ver-DBC507E012E2A775149FD09196030D3D.js HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.998] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/73/75 200 26319 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||max-age=||||||||||cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--register-form-captcha- captcha HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:29:59.998] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/73/75 200 26319 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||max-age=||||||||||cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--register-form-captcha- captcha HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.081] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/32/33 200 22867 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||max-age=||||||||||cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--forget-form-captcha-ca ptcha HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.081] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/32/33 200 22867 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||max-age=||||||||||cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--forget-form-captcha-ca ptcha HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:30:00.246] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/2/3 200 3710 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||3428|private|||||||||||||||} "GET /CoscendCC.Test/css/images/logo.png HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:30:00.246] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/2/3 200 3710 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||3428|private|||||||||||||||} "GET /CoscendCC.Test/css/images/logo.png HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.245] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/5/6 200 64488 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||64184|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/images/kendoui.woff?v=1.1 HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.245] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/5/6 200 64488 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||64184|max-age=||||||||||cache|||||} "GET /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initial izer/images/kendoui.woff?v=1.1 HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.322] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/2/4 200 4831 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||4549|private|||||||||||||||} "GET /CoscendCC.Test/css/theme_om/images/ui-icons_3d80b3_256x240.png HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.322] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/2/4 200 4831 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {||4549|private|||||||||||||||} "GET /CoscendCC.Test/css/theme_om/images/ui-icons_3d80b3_256x240.png HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:30:00.368] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 11553 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||11294|private|||||||||||||||} "GET /CoscendCC.Test/public/favicon.ico HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 [23/Nov/2017:01:30:00.368] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 11553 - - ---- 6/6/1/1/0 0/0 {|coscend.com||https://coscend.com/Co} {||11294|private|||||||||||||||} "GET /CoscendCC.Test/public/favicon.ico HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.366] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/5/7 200 312 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-&_=1511422199788& HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.366] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/5/7 200 312 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-&_=1511422199788& HTTP/1.1" Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.429] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/4/5 200 388 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-signin&_=1511422199 789&navigatorAppName=Netscape&navigatorAppVersion=5.0%20(Windows%20NT%2010.0 %3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20C hrome%2F62.0.3202.94%20Safari%2F537.36&navigatorAppCodeName=Mozilla&navigato rCookieEnabled=true&navigatorJavaEnabled=false&navigatorLanguage=en-US&navig atorPlatform=Win32&navigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3 B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chr ome%2F62.0.3202.94%20Safari%2F537.36&screenWidth=1600&screenHeight=900&scree nColorDepth=24&utcOffset=-6& Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 [23/Nov/2017:01:30:00.429] webapps-frontend~ subdomain_cc/CoscendCC.Test 0/0/1/4/5 200 388 - - ---- 6/6/0/0/0 0/0 {|coscend.com||https://coscend.com/Co} {|||no-cache||||||||||no-cache|chunked||||} "GET /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.Sign InPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-signin&_=1511422199 789&navigatorAppName=Netscape&navigatorAppVersion=5.0%20(Windows%20NT%2010.0 %3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20C hrome%2F62.0.3202.94%20Safari%2F537.36&navigatorAppCodeName=Mozilla&navigato rCookieEnabled=true&navigatorJavaEnabled=false&navigatorLanguage=en-US&navig atorPlatform=Win32&navigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3 B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chr ome%2F62.0.3202.94%20Safari%2F537.36&screenWidth=1600&screenHeight=900&scree nColorDepth=24&utcOffset=-6& Thank you. Sincerely, Hemant K. Sabat Coscend Communications Solutions <http://www.coscend.com/> www.Coscend.com ------------------------------------------------------------------ Real-time, Interactive Video Collaboration, Tele-healthcare, Tele-education, Telepresence Services, on the fly. ------------------------------------------------------------------ CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail Messages from Coscend Communications Solutions' posted at: http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html From: Coscend@Coscend [mailto:[email protected]] Sent: Thursday, September 21, 2017 2:27 PM To: [email protected] Subject: HAProxy 1.7.9 Not Capturing Application Session Cookie Dear HAProxy Community, Your guidance on the following issue we are facing would be appreciated. CONTEXT ---------- We are running two versions of our application--APP-3.3.0 and APP-3.3.2--on the same server and same environment. Both the APPs are running perfectly if we directly access them, while bypassing HAProxy. ISSUE --------- While accessing these APPs through HAProxy, 1. APP-3.3.0: HAProxy is capturing JSESSIONID in logs. 2. APP-3.3.2: HAProxy is NOT capturing JSESSIONID in logs. QUESTION ---------------- Could you please advise how HAProxy captures application session cookies? Is the capture portion of our HAProxy config below incorrect? Or, is there a problem with our APP-3.3.2? Thank you. =========LOGS and CONFIG PARAMETERS============= HAProxy logs ----------------- APP-3.3.0: HAProxy captures JSESSIONID in each log line. Sep 21 13:36:07 localhost haproxy[10415]: 192.168.100.152:56085 [21/Sep/2017:13:36:07.914] webapps-frontend~ subdomain-backend/APP-3.3.0 0/0/0/3/10 200 86916 JSESSIONID=66BC3A6F228503A5D39F4B8E6F1FF951 - ---- 6/6/0/0/0 0/0 {<ourdomain>.com||https://<ourdomain>.com/Co} {|86575|max-age=||||||||||cache|||||} "GET /APP-3.3.0/wicket/resource/org.apache.wicket.resource.JQueryResourceReferenc e/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js HTTP/1.1" APP-3.3.2: JSESSIONID is missing in majority of the log lines. Sep 21 13:39:23 localhost proxy-server[10517]: 192.168.100.152:56391 [21/Sep/2017:13:39:23.450] webapps-frontend~ subdomain-backend/APP-3.3.2 0/0/1/4/8 200 86916 - - ---- 6/6/0/0/0 0/0 {<ourdomain>.com||https://<ourdomain>.com/Co} {|86575|max-age=||||||||||cache|||||} "GET /APP-3.3.2/wicket/resource/org.apache.wicket.resource.JQueryResourceReferenc e/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js HTTP/1.1" HAProxy 1.7.9 config (Relevant portion) ====================== . frontend webapps-frontend . http-request set-header X-Forwarded-Port %[dst_port] http-request set-header X-Forwarded-Proto https if { ssl_fc } ### Logging options option httplog log global #option logasap capture cookie JSESSIONID len 124 capture request header Host len 64 capture request header Content-Length len 10 capture request header Referer len 32 capture response header Server len 20 capture response header Content-Length len 10 capture response header Cache-Control len 8 capture response header Via len 20 capture response header Location len 20 capture response header X-Backend-Server-Name len 20 capture response header Content-Security-Policy len 128 capture response header Strict-Transport-Security len 64 capture response header X-Frame-Options len 32 capture response header X-XSS-Protection len 32 capture response header X-Content-Type-Options len 32 capture response header Referrer-Policy len 32 capture response header Pragma len 32 capture response header Transfer-Encoding len 32 capture response header Access-Control-Allow-Origin len 32 capture response header Access-Control-Allow-Headers len 32 capture response header Access-Control-Allow-Methods len 32 capture response header Access-Control-Allow-Credentials len 20 backend subdomain-backend http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" http-response set-header X-Frame-Options "SAMEORIGIN" # or "DENY" http-response set-header X-XSS-Protection "1; mode=block" http-response set-header X-Content-Type-Options "nosniff" http-response set-header Referrer-Policy "no-referrer-when-downgrade" http-response set-header Pragma "no-cache" #Deprecated, only for backwards compatibility with HTTP/1.0 clients. http-response set-header Cache-Control "nocache, no-store" http-response set-header Access-Control-Allow-Origin "*" #"%%{AccessControlAllowOrigin} env=AccessControlAllowOrigin" http-response set-header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token, X-XSRF-TOKEN" http-response set-header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" http-response set-header Access-Control-Allow-Credentials "true" http-response set-header X-Backend-Server-Name %s <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_cam paign=sig-email&utm_content=emailclient> Virus-free. <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_cam paign=sig-email&utm_content=emailclient> www.avg.com --- This email has been checked for viruses by AVG. http://www.avg.com
