IBM Support

IT20994: DATAPOWER DOES NOT SET A PROPER DPJSESSION COOKIE WHEN THE COOKIE WITH AN INVALID ROUTING ID PART COMES WITH A REQUEST

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • The expiration of the DPJSESSIONID cookies is kind of a
    "session cookie". I.e. the expiration is not set, and thus is
    assumed the cookie holds till the client ends his/her session -
    e.g. closes the browser.
    
    In the active-conditional it's different, as it's governed by a
    response Set-Cookie header, so the cookie creating is actually
    left for the backend to resolve.
    
    [active:
        The DataPower appliance forces session affinity for every
    HTTP request irrespective of the need for session affinity by
    the remote server application.
    
    active-conditional:
        The DataPower appliance forces session affinity when the
    remote server application indicates that session affinity is
    required. The list of monitored cookies is used to verify that
    the remote server is requesting session affinity.]
    

Local fix

  • Workaround could be to name the cookie name - DPJSESSIONID
    differently across DC's. But it may still break client
    sessions. This fix will need to be applied to prevent  that
    behavior.
    

Problem summary

  • Affected are all customers using a Load Balancer with session
    affinity.
    
    In a failover scenario the HTTP client is left with a
    DPJSESSIONID cookie of the failed server even though requests
    now flow to a different one at which time the cookie should get
    updated accordingly.
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    IT20994

  • Reported component name

    DATAPOWER

  • Reported component ID

    DP1234567

  • Reported release

    720

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-06-12

  • Closed date

    2017-07-25

  • Last modified date

    2017-08-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    DATAPOWER

  • Fixed component ID

    DP1234567

Applicable component levels

  • R710 PSN

       UP

  • R720 PSN

       UP

  • R750 PSN

       UP

  • R751 PSN

       UP

  • R752 PSN

       UP

  • R760 PSN

       UP



Document information

More support for: IBM DataPower Gateways
General

Software version: 7.2

Reference #: IT20994

Modified date: 11 August 2017