Hi, Your configuration seems correct to me. In your first post you said that it is working for 3.3.0 but not 3.3.2, then maybe this is an application issue. Are you sure 3.3.2 does sent the JSESSIONID.
Also you mentioned the application extensively uses Websockets. Is it only 3.3.2 using websockets ? if that is the case this may be a good lead since HAProxy does not handle websockets traffic in the same way as it does for normal http traffic. ++ On 23/11/2017 08:43, Coscend@Coscend wrote: > > Dear HAProxy Community, > > > > This is a follow up on a previous post after doing several additional > configuration changes and tests. We would appreciate your insights to > resolve the issue we are facing with non-capture of application > session cookie in HAProxy logs. > > > > HAProxy 1.7.9 provides SSL termination and reverse proxy to our > Java-based HTML5 Web application. The application extensively uses > WebSockets. This application generates a session cookie that contains > a JSESSIONID for session stickiness and authentication. We would like > to capture the cookie contained in the request and response. With the > configuration below, HAProxy fails to capture the session cookie as > per the logs (see below). > > > > How could we refine our configuration? Or, is it a known limitation > in HAProxy regarding application session cookie? > > > > Login page URL loads via HAProxy with a JSESSIONID: > https://coscend.com/CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79 > > > > HAProxy.cfg > > -------------- > > global > > … > > defaults > > … > > frontend webapps-frontend > > bind *:80 name http > > bind *:443 name https ssl crt "$SSL_CRT_FILE" > > option forwardfor > > http-request set-header X-Forwarded-Port %[dst_port] > > http-request set-header X-Forwarded-Proto https if { ssl_fc } > > option httplog > > log global > > option log-separate-errors > > … > > capture cookie JSESSIONID len 63 > > capture request header Host len 64 > > … > > capture response header Server len 20 > > … > > acls… > > acl host_coscend_http req.hdr(Host) coscend.com > > acl host_coscend_https req.hdr(Host) coscend.com > > … > > use_backend subdomain_cc … > > > > backend subdomain_cc > > timeout tunnel > 3600s > > > > option > http-buffer-request > > > > http-request set-header Host bk.coscend.local:6080 > > http-request set-header Origin "bk.coscend.local:6080" > > > stick-table type string len 63 size 20M expire 360m > > stick store-response res.cook(JSESSIONID) > > stick match req.cook(JSESSIONID) > > #stick store-request req.cook(JSESSIONID) > > acl hdr_location res.hdr(Location) -m found > > rspirep ^(Location:)\ > http://bk.coscend.local:6080/CoscendCC.Test/(.*)$ Location:\ > https://coscend.com/CoscendCC.Test/\2 if hdr_location > > > > acl hdr_set_cookie_domain res.hdr(Set-cookie) -m found sub > Domain=bk.coscend.local > > rspirep ^(Set-Cookie:.*)\ Domain=bk.coscend.local(.*) \1\ > Domain=coscend.com\2 if hdr_set_cookie_domain > > acl hdr_set_cookie_path_cc_test res.hdr(Set-cookie) -m found sub Path= > > rspirep ^(Set-Cookie:.*)\ Path=(.*)$ \1\ Path=/CoscendCC.Test\2 if > hdr_set_cookie_path_cc_test > > > > server CoscendCC.Test bk.coscend.local:6080 cookie cc-tt-d check > > > > LOG > > ------ > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.574] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/7/7 302 139 - - ---- 1/1/0/0/0 0/0 > {|coscend.com||} {|||||/CoscendCC.Test|||||||||chunked||||} "GET > /CoscendCC.Test HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.574] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/7/7 302 139 - - ---- 1/1/0/0/0 0/0 > {|coscend.com||} {|||||/CoscendCC.Test|||||||||chunked||||} "GET > /CoscendCC.Test HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.588] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/10/10 302 343 - > JSESSIONID=E916C54BB7A9EA30E3EC9021AEF4CB79 ---- 1/1/0/0/0 0/0 > {|coscend.com||} > {||0|no-cache||./signin;jsessionid=||||||||no-cache|||||} "GET > /CoscendCC.Test/ HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.588] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/10/10 302 343 - > JSESSIONID=E916C54BB7A9EA30E3EC9021AEF4CB79 ---- 1/1/0/0/0 0/0 > {|coscend.com||} > {||0|no-cache||./signin;jsessionid=||||||||no-cache|||||} "GET > /CoscendCC.Test/ HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.606] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/102/103 200 17936 - - ---- 1/1/0/0/0 > 0/0 {|coscend.com||} {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79 > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.606] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/102/103 200 17936 - - ---- 1/1/0/0/0 > 0/0 {|coscend.com||} {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/signin;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79 > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/6/7 200 37037 - - ---- 6/6/5/5/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||36754|private|||||||||||||||} "GET > /CoscendCC.Test/css/theme.min.css HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/6/7 200 37037 - - ---- 6/6/5/5/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||36754|private|||||||||||||||} "GET > /CoscendCC.Test/css/theme.min.css HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/4/9 200 31354 - - ---- 6/6/4/4/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||31071|private|||||||||||||||} "GET > /CoscendCC.Test/css/theme_om/jquery-ui.min.css HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/4/9 200 31354 - - ---- 6/6/4/4/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||31071|private|||||||||||||||} "GET > /CoscendCC.Test/css/theme_om/jquery-ui.min.css HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 > [23/Nov/2017:01:29:59.766] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/13 200 226575 - - ---- 6/6/3/4/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||226247|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.common.min-ver-8A3704789F34B31A2CDF93FA6821B677.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 > [23/Nov/2017:01:29:59.766] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/13 200 226575 - - ---- 6/6/3/4/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||226247|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.common.min-ver-8A3704789F34B31A2CDF93FA6821B677.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.767] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/12/17 200 74365 - - ---- 6/6/2/2/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||74038|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.default.min-ver-0A155AEB6D10327A05ADE80441C82B72.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.767] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/12/17 200 74365 - - ---- 6/6/2/2/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||74038|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.default.min-ver-0A155AEB6D10327A05ADE80441C82B72.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/11/18 200 112970 - - ---- 6/6/1/2/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||112642|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.default.mobile.min-ver-0F7D5348F49A4944681805E12457E9E0.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.768] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/11/18 200 112970 - - ---- 6/6/1/2/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||112642|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.default.mobile.min-ver-0F7D5348F49A4944681805E12457E9E0.css > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.757] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/30/34 200 86916 - - ---- 6/6/0/1/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||86575|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60014 > [23/Nov/2017:01:29:59.757] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/30/34 200 86916 - - ---- 6/6/0/1/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||86575|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.806] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/3/3 200 5538 - - ---- 6/6/4/4/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||5198|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/res/js/wicket-event-jquery-ver-E34C6FE16C54FE3DF3591290A48A496A.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.806] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/3/3 200 5538 - - ---- 6/6/4/4/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||5198|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/res/js/wicket-event-jquery-ver-E34C6FE16C54FE3DF3591290A48A496A.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 > [23/Nov/2017:01:29:59.808] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/5 200 49654 - - ---- 6/6/3/2/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||49313|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/res/js/wicket-ajax-jquery-ver-F8010FEDC5FD9B05434A6023763E3050.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60015 > [23/Nov/2017:01:29:59.808] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/5 200 49654 - - ---- 6/6/3/2/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||49313|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.ajax.AbstractDefaultAjaxBehavior/res/js/wicket-ajax-jquery-ver-F8010FEDC5FD9B05434A6023763E3050.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.808] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/4 200 1972 - - ---- 6/6/2/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||1632|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.markup.html.pages.BrowserInfoForm/wicket-browser-info-ver-1B39F312E99A7047E967FDBBFE35211B.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.808] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/4/4 200 1972 - - ---- 6/6/2/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||1632|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.wicket.markup.html.pages.BrowserInfoForm/wicket-browser-info-ver-1B39F312E99A7047E967FDBBFE35211B.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 > [23/Nov/2017:01:29:59.794] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/9/21 200 252879 - - ---- 6/6/1/1/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||252537|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.jquery.ui.resource.JQueryUIResourceReference/jquery-ui-ver-0A819924D70A18322660DEE759225D2B.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60016 > [23/Nov/2017:01:29:59.794] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/9/21 200 252879 - - ---- 6/6/1/1/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||252537|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.jquery.ui.resource.JQueryUIResourceReference/jquery-ui-ver-0A819924D70A18322660DEE759225D2B.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.831] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 810 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||471|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.coscendcc.web.common.MainPanel/main-ver-FEAEFD3550212BD00D7AA7077A9284CA.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60017 > [23/Nov/2017:01:29:59.831] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 810 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||471|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.apache.coscendcc.web.common.MainPanel/main-ver-FEAEFD3550212BD00D7AA7077A9284CA.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:29:59.803] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/8/46 200 793589 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||793247|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.resource.KendoUIJavaScriptResourceReference/kendo.ui.core.min-ver-BE95097F3DA64C6922D49161284F7AE8.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:29:59.803] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/8/46 200 793589 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {||793247|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.resource.KendoUIJavaScriptResourceReference/kendo.ui.core.min-ver-BE95097F3DA64C6922D49161284F7AE8.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.895] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/3/4 200 3284 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||2944|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.wicketstuff.urlfragment.UrlParametersReceivingBehavior/urlfragment-ver-DBC507E012E2A775149FD09196030D3D.js > HTTP/1.1" > > Nov 23 01:29:59 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.895] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/3/4 200 3284 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||2944|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/org.wicketstuff.urlfragment.UrlParametersReceivingBehavior/urlfragment-ver-DBC507E012E2A775149FD09196030D3D.js > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.998] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/73/75 200 26319 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {|||max-age=||||||||||cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--register-form-captcha-captcha > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:29:59.998] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/73/75 200 26319 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {|||max-age=||||||||||cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--register-form-captcha-captcha > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.081] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/32/33 200 22867 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {|||max-age=||||||||||cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--forget-form-captcha-captcha > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.081] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/32/33 200 22867 - - ---- 6/6/0/0/0 > 0/0 {|coscend.com||https://coscend.com/Co} > {|||max-age=||||||||||cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1--forget-form-captcha-captcha > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:30:00.246] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/2/3 200 3710 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} {||3428|private|||||||||||||||} > "GET /CoscendCC.Test/css/images/logo.png HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:30:00.246] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/2/3 200 3710 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} {||3428|private|||||||||||||||} > "GET /CoscendCC.Test/css/images/logo.png HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.245] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/5/6 200 64488 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||64184|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/images/kendoui.woff?v=1.1 > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.245] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/5/6 200 64488 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||64184|max-age=||||||||||cache|||||} "GET > /CoscendCC.Test/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/images/kendoui.woff?v=1.1 > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.322] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/2/4 200 4831 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} {||4549|private|||||||||||||||} > "GET /CoscendCC.Test/css/theme_om/images/ui-icons_3d80b3_256x240.png > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.322] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/2/4 200 4831 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} {||4549|private|||||||||||||||} > "GET /CoscendCC.Test/css/theme_om/images/ui-icons_3d80b3_256x240.png > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:30:00.368] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 11553 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||11294|private|||||||||||||||} "GET > /CoscendCC.Test/public/favicon.ico HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60019 > [23/Nov/2017:01:30:00.368] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/0/2/2 200 11553 - - ---- 6/6/1/1/0 0/0 > {|coscend.com||https://coscend.com/Co} > {||11294|private|||||||||||||||} "GET > /CoscendCC.Test/public/favicon.ico HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.366] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/5/7 200 312 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-&_=1511422199788& > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.366] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/5/7 200 312 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-&_=1511422199788& > HTTP/1.1" > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.429] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/4/5 200 388 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-signin&_=1511422199789&navigatorAppName=Netscape&navigatorAppVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F62.0.3202.94%20Safari%2F537.36&navigatorAppCodeName=Mozilla&navigatorCookieEnabled=true&navigatorJavaEnabled=false&navigatorLanguage=en-US&navigatorPlatform=Win32&navigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F62.0.3202.94%20Safari%2F537.36&screenWidth=1600&screenHeight=900&screenColorDepth=24&utcOffset=-6& > > Nov 23 01:30:00 localhost haproxy[6585]: 192.168.100.152:60018 > [23/Nov/2017:01:30:00.429] webapps-frontend~ > subdomain_cc/CoscendCC.Test 0/0/1/4/5 200 388 - - ---- 6/6/0/0/0 0/0 > {|coscend.com||https://coscend.com/Co} > {|||no-cache||||||||||no-cache|chunked||||} "GET > /CoscendCC.Test/wicket/bookmarkable/org.apache.coscendcc.web.pages.auth.SignInPage;jsessionid=E916C54BB7A9EA30E3EC9021AEF4CB79?1-1.0-signin&_=1511422199789&navigatorAppName=Netscape&navigatorAppVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F62.0.3202.94%20Safari%2F537.36&navigatorAppCodeName=Mozilla&navigatorCookieEnabled=true&navigatorJavaEnabled=false&navigatorLanguage=en-US&navigatorPlatform=Win32&navigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F62.0.3202.94%20Safari%2F537.36&screenWidth=1600&screenHeight=900&screenColorDepth=24&utcOffset=-6& > > > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > > > Coscend Communications Solutions > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted > at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > > > > > > *From:* Coscend@Coscend [mailto:[email protected]] > *Sent:* Thursday, September 21, 2017 2:27 PM > *To:* [email protected] > *Subject:* HAProxy 1.7.9 Not Capturing Application Session Cookie > > > > Dear HAProxy Community, > > > > Your guidance on the following issue we are facing would be appreciated. > > > > CONTEXT > > ---------- > > We are running two versions of our application--APP-3.3.0 and > APP-3.3.2--on the same server and same environment. Both the APPs are > running perfectly if we directly access them, while bypassing HAProxy. > > > > ISSUE > > --------- > > While accessing these APPs through HAProxy, > > 1. APP-3.3.0: HAProxy is capturing JSESSIONID in logs. > > 2. APP-3.3.2: HAProxy is NOT capturing JSESSIONID in logs. > > > > > > QUESTION > > ---------------- > > Could you please advise how HAProxy captures application session > cookies? > > Is the capture portion of our HAProxy config below incorrect? > > Or, is there a problem with our APP-3.3.2? > > Thank you. > > > > > > =========LOGS and CONFIG PARAMETERS============= > > > > HAProxy logs > > ----------------- > > APP-3.3.0: HAProxy captures JSESSIONID in each log line. > > Sep 21 13:36:07 localhost haproxy[10415]: 192.168.100.152:56085 > [21/Sep/2017:13:36:07.914] webapps-frontend~ > subdomain-backend/APP-3.3.0 0/0/0/3/10 200 86916 > JSESSIONID=66BC3A6F228503A5D39F4B8E6F1FF951 - ---- 6/6/0/0/0 0/0 > {<ourdomain>.com||https://<ourdomain>.com/Co} > {|86575|max-age=||||||||||cache|||||} "GET > /APP-3.3.0/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js > HTTP/1.1" > > > > > > APP-3.3.2: JSESSIONID is missing in majority of the log lines. > > Sep 21 13:39:23 localhost proxy-server[10517]: 192.168.100.152:56391 > [21/Sep/2017:13:39:23.450] webapps-frontend~ > subdomain-backend/APP-3.3.2 0/0/1/4/8 200 86916 - - ---- 6/6/0/0/0 0/0 > {<ourdomain>.com||https://<ourdomain>.com/Co} > {|86575|max-age=||||||||||cache|||||} "GET > /APP-3.3.2/wicket/resource/org.apache.wicket.resource.JQueryResourceReference/jquery/jquery-3.2.1-ver-3B390F5614B3789CE71FFA5C856AA35E.js > HTTP/1.1" > > > > > > HAProxy 1.7.9 config (Relevant portion) > > ====================== > > … > > frontend webapps-frontend > > … > > http-request set-header X-Forwarded-Port %[dst_port] > > http-request set-header X-Forwarded-Proto https if { ssl_fc } > > > > ### Logging options > > option httplog > > log global > > #option logasap > > > > capture cookie JSESSIONID len 124 > > capture request header Host len 64 > > capture request header Content-Length len 10 > > capture request header Referer len 32 > > capture response header Server len 20 > > capture response header Content-Length len 10 > > capture response header Cache-Control len 8 > > capture response header Via len 20 > > capture response header Location len 20 > > capture response header X-Backend-Server-Name len 20 > > > > capture response header Content-Security-Policy len 128 > > capture response header Strict-Transport-Security len 64 > > capture response header X-Frame-Options len 32 > > capture response header X-XSS-Protection len 32 > > capture response header X-Content-Type-Options len 32 > > capture response header Referrer-Policy len 32 > > capture response header Pragma len 32 > > capture response header Transfer-Encoding len 32 > > > > capture response header Access-Control-Allow-Origin len 32 > > capture response header Access-Control-Allow-Headers len 32 > > capture response header Access-Control-Allow-Methods len 32 > > capture response header Access-Control-Allow-Credentials len 20 > > > > backend subdomain-backend > > http-response set-header Strict-Transport-Security > "max-age=31536000; includeSubDomains; preload" > > http-response set-header X-Frame-Options "SAMEORIGIN" # or "DENY" > > http-response set-header X-XSS-Protection "1; mode=block" > > http-response set-header X-Content-Type-Options "nosniff" > > http-response set-header Referrer-Policy > "no-referrer-when-downgrade" > > > > http-response set-header Pragma "no-cache" #Deprecated, only for > backwards compatibility with HTTP/1.0 clients. > > http-response set-header Cache-Control "nocache, no-store" > > > > > > > http-response set-header Access-Control-Allow-Origin "*" > #"%%{AccessControlAllowOrigin} env=AccessControlAllowOrigin" > > http-response set-header Access-Control-Allow-Headers "Origin, > X-Requested-With, Content-Type, Accept, X-CSRF-Token, X-XSRF-TOKEN" > > http-response set-header Access-Control-Allow-Methods "GET, POST, > PUT, DELETE, OPTIONS" > > http-response set-header Access-Control-Allow-Credentials "true" > > > > http-response set-header X-Backend-Server-Name %s > > > > > > <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> > > > > Virus-free. www.avg.com > <http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> > > > > -- Moemen MHEDHBI
