The CO/cookie flag
in mod_rewrite is potentially a very powerful tool, however as it stands now in
2.0.49, you cannot set session based cookies (cookies which expire when the
browser is closed) and you cannot set cookies without specifying the
domain.
I had both of these
requirements while writing a replacement load balancing rule set for
mod_enhydra_Director since we use an older version of the Enhydra server for
some older applications that does not support ajp13 and because there is no
mod_enhydra_director available for apache httpd 2. For those unfamiliar,
mod_enhydra_director is much like mod_jk2, but for the Enhydra application
server. The Enhydra App server was once open source and has since went to
a closed source model. We are still using an older version of the
open sourced app server. The newer versions of the app server support
ajp13, but we have no interest in upgrading as our direction is current moving
towards Tomcat. In the meantime, we must continue to support a large
number of enhydra applications but wish to move from Apache httpd 1.3 to Apache
httpd 2.0. The set of scripts and rules I've written make this possible by
load balancing to the http port of the app server and maintaining session
affinity.
In order to make
these rules, I had to patch mod_rewrite to allow for session based
cookies. Now with rewrite rules, 2 rewrite maps, and an error handler
document, I have created a configuration which allows for session affinity using
session cookies and failover using the error handling document and the perl
maps- along with the perl IPC::Cache to keep a scoreboard for the
sessions/workers. Yes, I know- the amount of work I've done implementing
this could probably have been spent on an apache module, but it started as an
experiment and evolved into something very functional and useful.
Performance tests show that it performs very close to the enhydra director
module.
I submitted an early
rendition of this patch for mod_rewrite to the bugzilla database, but have seen
no activity on it and have since rewritten the patch. Before the
modification, it was impossible to make the domain or timeout/maxage optional
parameters while still specifying others because of the strtok() and the way it
refuses to treat 2 colons as a null token. The new patch I've written
allows you to fill in a "null" value in the colon separated parameter list in
order to allow the domain and timeout/age parameters to be optional. If
you specify null for the timeout, then the cookie is a session based
cookie. It also allows you to use null for the domain to not specify the
domain, meaning the cookie is active for the current domain. The existing
semantics for the Cookie parameter continue to work as documented on the httpd
2.0 documentation.
Forgive me if this
isn't the correct place to discuss this. I'm hoping that the developers
are already considering such a change to this cookie feature because I know
my patch is not the most elegant solution- however, we have become dependant on
this functionality in order to do session affinity based load
balancing. I'd be more than happy to participate in a discussion of this
and contribute in any way possible.
Regards,
Byron
Guernsey
Senior Software Architect
GE Consumer &
Industrial Products
mod_rewrite.patch
Description: mod_rewrite.patch
