AWSALB and AWSALBCORS are 3rd party cookies in web

0

Our services are called from the websites of our customers.

We use ALB to balance and forward requests to the final targets.

Some of our services require session stickiness. AWSALB* cookies are created in our own domain, so they are considered 3rd party cookies (which they are, in fact). However, this is huge a problem, since we cannot serve clients with 3rd party cookies blocked in their browsers.

How can we handle this?

Is there a way to keep session stickiness without those cookies?

Thanks in advance.

cburaca
질문됨 2년 전6972회 조회
1개 답변
1
수락된 답변

As you know, ALB supports stickiness with cookie and the cookie could be either ALB generated or Web App generated. If it's not possible to use non of these cookie in your environment, you can think of using NLB instead of ALB. NLB is not for application load balancer and is working at layer 4. But NLB can distribute HTTP traffic and you can use stickiness with source ip address. The other thing you should consider is that Health Check of NLB is not application layer but tcp layer so NLB can't check the health of target group at application layer. If you're OK with source IP stickiness and health check method of NLB is OK to use, you can try to use NLB.

profile pictureAWS
답변함 2년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠