Willy,
Thanks for your reply, it is appreciated. I have this working behind an
old F5 at the moment with an iRule to try and recreate the users
jsession cookie, it works but is a bit of a mess. I think I can
replicate the way that works in HAproxy but I was hoping that there may
be some magic feature! Eventually I will get the sites rebuilt to use
backend session persistence and this will all become very simple.
Regards,
Duncan
On 08/04/13 15:47, Willy Tarreau wrote:
Hi Duncan,
On Mon, Apr 08, 2013 at 02:53:06PM +1000, Duncan Hall wrote:
Hi,
I have a website that acts as the SSL ecommerce checkout for several
other sites. All of the sites are on the same public IP and live in a
cluster of tomcat servers.
I need to maintain session persistence when moving from one domain to
the SSL enabled domain and from http to https. Can anyone point me at a
config example for this using Haproxy 1.5dev?
It's not a matter of configuration but of application architecture,
and only that. The browser will try hard not to share anything between
multiple domains, including cookies & SSLID.
So first, you need to find a way to communicate between your sites.
Sometimes people use "shop.$domain" instead of "www.$domain" so that
cookies are kept between the two. Other methods consist in passing a
signed token in links or redirected URLs between the domains.
As you can see it's mainly a matter of designing the application for
that. Once you have choosen a way for your application to work, then
we can imagine various methods to keep the persistence between the
servers ; if the element that is passed between the two is available
in requests/responses on both sides, it should be doable to stick on
it. Sometimes an URL parameter can be very effective for this : the
server just has to pass its name in a URL param, and it's then easy
to pick it on the next request.
Hoping this helps,
Willy
