Solved: CSS cookieurl: case sensitive?

jgurfinkiel · ‎06-01-2009

Hello,

As far as I understand, the HTTP header cookie field, and the embedded cookie (in a URL) are case-sensitive. Is this correct?

The settings look like this:

content stickyCookie

advanced-balance cookieurl

string prefix "SESSION_ID="

On the HTTP header the cookie field looks like this:

Set Cookie: SESSION_ID=ABCDEF

But if instead of this, the request comes from a client with the cookie embedded in the url, it looks like this:

http://localhost/Info/index;session_id=ABCDEF?page=home.

Is this field case-sensitive for the CSS? I know it is for the ACE, as I have done this and there is the "cookie secondary" command where you can specify how the url-embedded cookie looks like.

So I am afraid there is no way of making this work on a CSS?

Any help will be much appreciated!

Gilles Dufour · ‎06-02-2009

Your config with SESSIOM_ID sent by the client gives the following debug :

JUN 2 01:33:31 3/1 49 WCC-7: CsdStickinessCheck: stickytype=3

JUN 2 01:33:31 3/1 50 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee0e8f8

JUN 2 01:33:31 3/1 51 WCC-7: cookieStr="SESSION_ID=1234 HTTP/1.1"

JUN 2 01:33:31 3/1 52 WCC-7: strLen=24, rangeLen=24, conv=1

JUN 2 01:33:31 3/1 53 WCC-7: Prefix found: prefix="SESSION_ID="

The same config, but now the client sends session_id gives the following debug :

JUN 2 01:35:24 3/1 63 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee058f8

JUN 2 01:35:24 3/1 64 WCC-7: cookieStr="session_id=1234 HTTP/1.1"

JUN 2 01:35:24 3/1 65 WCC-7: strLen=24, rangeLen=24, conv=1

JUN 2 01:35:24 3/1 66 WCC-7: server cookie not found. strAction=4

So, it confirms that the CSS is case sensitive.

Gilles.

View solution in original post

sachinga.hcl · ‎06-01-2009

Hi Javier,

The Cisco CSS is case-sensitive when searching for this string.

When configuring the CSS 11000 and 11500, determine first if you need a server cookie string. If the string operation under the content rule is match-service-cookie, which is the default setting, this parameter must be configured. In this case the service cookie string is matched against the cookie contained in the HTTP header for load balancing decision.

If the string operation under the content rule is set to the hash method, this parameter is not needed. In order to select one of the available servers, the cookie contained in the HTTP header is mathematically processed using a hashing algorithm. If available, the hash algorithm assigna the connection carrying a certain cookie to the same server. This example focuses on the match-service-cookie case.

Note: Cookies are case sensitive.

Configuring the Service

training4(config># service server_g

training4(config-service[server_g])# string LV2KJK (the server cookie text)

training4(config># service server_h

training4(config-service[server_h])# string AARIKA

Configuring the Content Rule

Note: Cookies require a Layer 5 rule.

You can create a Layer 5 rule by adding a URL.

For example, .

A Layer 4 rule can be promoted to a Layer 5 rule by issuing the advanced-balance cookies command.

Choose the advanced-balance method.

training4(config-owner-content[cookie-layer5])# advanced-balance cookies

Configure the string operation.

training4(config-owner-content[cookie-layer5])# string operation ?

match-service-cookie (DEFAULT)

hash-crc32

hash-xor

hash-a

Define the starting/ending bytes.

training4(config-owner-content[cookie-layer5])# string range 1 to 200

Start byte position of cookie/url after header (Range:1-600)

Specify the prefix located in the string range.

training4(config-owner-content[cookie-layer5])# string prefix "ASPSESSION"

"Quoted textual information"(Len: 0-32)

Indicate how many bytes to skip after the starting prefix.

training4(config-owner-content[cookie-layer5])# string skip-length 9

"Quoted textual information"(Len: 0-32)

Indicate how many bytes after the prefix/skip-length make-up the string.

training4(config-owner-content[cookie-layer5])# string process-length 6

Integer value(Range: 0-64)

If no string process length is configured, search after end of string character.

training4(config-owner-content[cookie-layer5])# string eos-char "&"

"Quoted textual information"(Len: 0-5)

Specify the failover in the event that a server goes down or is suspended.

training4(config-owner-content[cookie-layer5])# sticky-serverdown-failoversticky-srcip

sticky-srcip-dstport

sticky-srcip

balance (Default)

redirect

reject

Below is an example of a cookie string, and how some of the parameters work.

ASPSESSIONJJKKJJKK=LV2KJK44444444

!--- The string prefix = ASPSESSION.

!--- The string skip-length = 9. Skip

!--- nine characters after the prefix.

!--- The string process-length = 6, which would make

!--- the string LV2KJK matching service server_g.

ASPSESSIONSQPMMJHK=AARIKAMDESLD

!--- Matches service server_h.

Below is a sample configuration for the cookie strings.

!************************** SERVICE **************************

service server_g

ip address 172.17.63.240

string LV2KJK

active

service server_h

ip address 172.17.63.241

string AARIKA

active

!*************************** OWNER ***************************

owner braden

content server-cookie

protocol tcp

vip address 172.17.63.199

port 80

advanced-balance cookies

string range 1 to 200

string prefix "ASPSESSION"

string skip-length 9

string process-length 6

add service server_g

add service server_h

active

Kindly tell if this information is of any use to you.

Sachin garg

jgurfinkiel · ‎06-01-2009

Your "Note: Cookies are case sensitive." is probably the answer.

The rest is what I already saw in the CSS documentation.

Please note that this environment is already configured with dynamic cookies (valid for individual sessions only), as this is what the requirements are.

From the ACE module:

"Depending on client and server behavior and the sequence of frames, the same cookie value may appear in the standard HTTP cookie that is present in the HTTP header, Set-Cookie message, or cookie embedded in a URL. The actual name of the cookie may differ depending on whether the cookie is embedded in a URL or appears in an HTTP header. The use of a different name for the cookie and the URL occurs because these two parameters are configurable on the server and are often set differently. For example, the Set-Cookie name may be as follows:

Set-Cookie: session_cookie = 123

The URL may be as follows:

http://www.example.com/?session-id=123"

In my case, I am using a CSS and it appears that this option of configuring the "secondary cookie" does not exist. And since the cookie is also case-sensitive, the CSS will not recognize the url-embedded cookie as the same one. THIS is what I am trying to confirm.

Thanks!

Gilles Dufour · ‎06-02-2009

Your config with SESSIOM_ID sent by the client gives the following debug :

JUN 2 01:33:31 3/1 49 WCC-7: CsdStickinessCheck: stickytype=3

JUN 2 01:33:31 3/1 50 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee0e8f8

JUN 2 01:33:31 3/1 51 WCC-7: cookieStr="SESSION_ID=1234 HTTP/1.1"

JUN 2 01:33:31 3/1 52 WCC-7: strLen=24, rangeLen=24, conv=1

JUN 2 01:33:31 3/1 53 WCC-7: Prefix found: prefix="SESSION_ID="

The same config, but now the client sends session_id gives the following debug :

JUN 2 01:35:24 3/1 63 WCC-7: CheckL5: cookie failback to URL, stickytype=3, pURL=8ee058f8

JUN 2 01:35:24 3/1 64 WCC-7: cookieStr="session_id=1234 HTTP/1.1"

JUN 2 01:35:24 3/1 65 WCC-7: strLen=24, rangeLen=24, conv=1

JUN 2 01:35:24 3/1 66 WCC-7: server cookie not found. strAction=4

So, it confirms that the CSS is case sensitive.

Gilles.