Hi Nik. Am 18.08.19 um 15:25 schrieb Nik Mihelioudakis: > Hi Aleksander, > > Thanks for a quick response > > Here are the details you requested > > /usr/sbin/haproxy -vv > HA-Proxy version 1.5.18 2016/05/10 > Copyright 2000-2016 Willy Tarreau <[email protected]>
Okay you are on a rpm based system. Can you try to use a more modern version of haproxy? You can try to use this repo https://github.com/AxisNL/haproxy-rpmbuild > Build options : [snipp] > > The relevant configuration is as follows I hope you have some timeouts settings. > frontend fe_WebLogic > bind *:8854 > mode http > option httplog > option http_proxy > option forwardfor You want this to get the IP from client in X-Forwarded-For header option forwardfor header X-Real-IP http://cbonte.github.io/haproxy-dconv/1.5/configuration.html#4.2-option%20forwardfor > default_backend be_Weblogic > > backend be_Weblogic > mode http > option httpchk OPTIONS / This is default so useless, IMHO. http://cbonte.github.io/haproxy-dconv/1.5/configuration.html#4-option%20httpchk > cookie SERVERID insert indirect nocache > stick-table type string len 52 size 5M expire 30m > stick on urlp(jsessionid,;) I'm not sure if this makes sense here. just comment it out and use only the SERVERID Cookie. > stick on cookie(JSESSIONID) There is no Cookie in your dump below. I would replace it with stick on cookie(SERVERID) > balance roundrobin > server server1 10.1.1.134:7779 weight 1 check cookie s1 port 7779 > inter 20s > server server2 10.1.1.135:7779 weight 1 check cookie s2 port 7779 > inter 20s > > > And finally the (lengthy) output of the haproxy -d output. Great. > 00000000:fe_WebLogic.accept(0008)=0010 from [127.0.0.1:59160] [snipp] > 00000003:fe_WebLogic.accept(0008)=0010 from [127.0.0.1:59168] > 00000003:fe_WebLogic.clireq[0010:ffffffff]: GET > /forms/frmservlet?config=standaloneapp&standaloneapp=true&standaloneappver=12.2.1.3&ifsessid=WLS_FORMS.formsapp.400&acceptLanguage=en-us&ifcmd=startsession&iflocale=en-US > HTTP/1.1 > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: Host: server.test.com > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: X-Real-IP: 10.1.1.108 > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: Connection: close > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: Cache-Control: no-cache > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: Pragma: no-cache > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: User-Agent: Java/1.8.0_181 > 00000003:fe_WebLogic.clihdr[0010:ffffffff]: Accept: text/html, image/gif, > image/jpeg, *; q=.2, */*; q=.2 > 00000003:be_Weblogic.srvrep[0010:0011]: HTTP/1.1 200 OK > 00000003:be_Weblogic.srvhdr[0010:0011]: Date: Sun, 18 Aug 2019 13:05:08 GMT > 00000003:be_Weblogic.srvhdr[0010:0011]: Server: Oracle-HTTP-Server > 00000003:be_Weblogic.srvhdr[0010:0011]: Cache-Control: no-cache,no-store > 00000003:be_Weblogic.srvhdr[0010:0011]: Content-Length: 90 > 00000003:be_Weblogic.srvhdr[0010:0011]: Connection: close > 00000003:be_Weblogic.srvhdr[0010:0011]: Content-Type: text/plain;charset=UTF-8 As I assumed Weblogic does only rewrite the body with the jsession id and don't send any header with that information. > 00000003:be_Weblogic.srvcls[0010:0011] > 00000003:be_Weblogic.clicls[0010:0011] > 00000003:be_Weblogic.closed[0010:0011] > 00000004:fe_WebLogic.accept(0008)=0010 from [127.0.0.1:59170] > 00000004:fe_WebLogic.clireq[0010:ffffffff]: GET > /forms/lservlet;jsessionid=6myk1NmDcWR2t5m6cWsq_LnouLbbjLY92xtVGIBVxyvFMO43NSGV!-217731231?ifcmd=getinfo&ifhost=WIN10-TEST-VM1&ifip=169.254.195.131&fsalchecksum=%2FdlZU4MnGGqT4D7u1IkQPg%3D%3D It's magic, here is now the jsessionid. > HTTP/1.1 > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: Host: server.test.com > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: X-Real-IP: 10.1.1.108 > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: Connection: close > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: Cache-Control: no-cache > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: Pragma: no-cache > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: User-Agent: Java/1.8.0_181 > 00000004:fe_WebLogic.clihdr[0010:ffffffff]: Accept: text/html, image/gif, > image/jpeg, *; q=.2, */*; q=.2 > 00000004:be_Weblogic.srvrep[0010:0011]: HTTP/1.1 200 OK > 00000004:be_Weblogic.srvhdr[0010:0011]: Date: Sun, 18 Aug 2019 13:05:08 GMT > 00000004:be_Weblogic.srvhdr[0010:0011]: Server: Oracle-HTTP-Server > 00000004:be_Weblogic.srvhdr[0010:0011]: Cache-Control: no-cache,no-store > 00000004:be_Weblogic.srvhdr[0010:0011]: Content-Length: 132 > 00000004:be_Weblogic.srvhdr[0010:0011]: Connection: close > 00000004:be_Weblogic.srvhdr[0010:0011]: Content-Type: text/plain;charset=UTF-8 > 00000004:be_Weblogic.srvcls[0010:0011] > 00000004:be_Weblogic.clicls[0010:0011] > 00000004:be_Weblogic.closed[0010:0011] > > In the highlighted entry is where the "jsessionid" is sent to the client, and > from the debug it seems that haproxy doesn't examine the reply, or at least it > is not shown in the debug. >From my point of view have you now several options Try to use `stick on cookie(SERVERID)` and see if it fix your case. Setup weblogic server to add the set-cookie into the header. e. g. https://docs.oracle.com/cd/E24329_01/web.1211/e21049/sessions.htm#i139724 * use res.cook when a set-cookie is send by weblogic stick store-response res.cook(JSESSIONID) http://cbonte.github.io/haproxy-dconv/1.5/configuration.html#7.3.6-res.cook * use newer haproxy with lua where you can get the jsessionid from the response body. I have never used it before but the doc means it's possible. https://www.haproxy.com/blog/5-ways-to-extend-haproxy-with-lua/ => AppletHTTP.receive http://www.arpalert.org/src/haproxy-lua-api/2.0dev/index.html#AppletHTTP.receive > ** > > Kind Regards, > * > **N Mihelioudakis* > > E: [email protected] Regards Aleks
