Case Study: Session Sticky Problems With Oracle iPlanet Web Server 7 Reverse Proxy
(Doc ID 1540334.1)
Last updated on APRIL 18, 2018
Applies to:Oracle iPlanet Web Server - Version 7.0 and later
Information in this document applies to any platform.
On Oracle iPlanet Web Server 7.0u8 version using the reverse proxy in the following deployment setup:
LB--->iPlanet config with 1 Virtual Server and 2 Listen Sockets on port 80 and port 443 ---> 2 IIS Servers (Coldfusion App)
The two IIS servers have port 80 and 443 listeners. The site is an eCommerce site having both secure content and non-secure.
The Web Server reverse proxy setup to the IIS Servers is configured like this:
ObjectType fn="ssl-client-config" validate-server-cert="false"
ObjectType fn="http-client-config" keep-alive-timeout="180" always-use-keep-alive="true"
Route fn="set-origin-server" sticky-cookie="WEBSERVERID" sticky-param="WEBSERVERID" server="http://xxx.xxx.xxx.170:80" server="http://xxx.xxx.xxx.171:80"
Route fn="set-origin-server" sticky-cookie="WEBSERVERID" sticky-param="WEBSERVERID" server="https://xxx.xxx.xxx.170:443" server="https://xxx.xxx.xxx.171:443"
The problem happens when a client navigates from the port 80 content to port 443 content (or vice versa). The session is not sticking to the same server. Using LiveHTTPHeaders we can see that the same WEBSERVERID cookie is being passed from the browser when going from 80 to 443, but because it is a different origin server pool iPlanet does not maintain the session stickiness to the same origin server of the same ip with a different port.
The problem is sessions maintenance in the Web Server reverse proxy are not sticking when navigating from the port 80 part if the site to 443 part of the website.
Sessions should persist and stick to the same origin server.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document