Cookie based routing for Application Load Balancer

0

Currently I can do routing based on HTTP headers, but am wondering if I can do routing based on a key/value i put into the cookie.

https://aws.amazon.com/blogs/aws/new-advanced-request-routing-for-aws-application-load-balancers/

According the the cookie example in this link, i can match based on a header cookie value "user=jeff".

Then running

curl --cookie "user=jeff" http://TestALB-156468799.elb.amazonaws.com

Works. But in the real-world, cookie values are often modified or added to. For example:

curl --cookie "user=jeff;JESSIONID=sdf12321" http://TestALB-156468799.elb.amazonaws.com

Now my ALB rule does not match anymore. Am I missing something here?

asked 3 years ago668 views
6 Answers
0

Hi,
I have verified this works on an Application Load Balancer.
The Http Header rules allow wild cards. If the KEY value is "cookie", the VALUE should be changed:

from:
 user=jeff
to:
 *user=jeff*

This will allow your cookie to have values, such as:
  dog=cat;user=jeff;JSESSIONID=sdf12321
and this will still route to the same location when the cookie was just set to user=jeff.

Here is the link that describes the comparison string supporting the wildcards:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-update-rules.html

To add an HTTP header condition, choose Add condition, Http header. Type the name of the header and add one or more comparison strings. To save the condition, choose the checkmark icon.

The maximum size of each header name is 40 characters, the header name is case-insensitive, and wildcards are not supported. The maximum size of each comparison string is 128 characters and the following wildcard characters are supported: * and ?. The comparison is case-insensitive.

Hope this helps!
-randy

answered 3 years ago
0

HI Randy, thanks for your help.

This looks useful, but it would also match with user=jeff1.

Ideally AWS supports key/value cookie parsing, but I might still be able to use this.

answered 3 years ago
0

Hi,
To fulfill that specific requirement, you could have the rule ID set up as follows:

IF (all match)
Http header...
cookie
is user=jeff
or user=jeff;
or user=jeff<space>

-randy

answered 3 years ago
0

or operator will mean it still matches with user=jeff1.

Thanks anyway!

Edited by: mkonecny84 on Sep 24, 2019 5:42 PM

answered 3 years ago
0

Hi,
One last try, and I think I covered all of the test cases and I have just verified using the ALB.
I created an Application Load Balancer and create the following rules:

IF (all match)
Http header...
cookie
is user=jeff
or user=jeff;*
or *;user=jeff
or *;user=jeff;*

For the THEN
1. Return fixed response...
Response code: 200
Content-type: text/plain
Response body: "Yay it worked"

I then launched Postman and tried different values for the cookies

Here are the successful 200 use cases:
user=jeff     - 200
user=jeff;JESSIONID=sdf12321    - 200
dog=cat;user=jeff;bird=mouse   -  200

Here are the failed 503 use cases:
user=jeff1  - 503
abuser=jeff - 503
cat=mouse;user=jeff bird=mouse - 503 (missing semicolon)

Hope this helps,
-randy

answered 3 years ago
0

This suggestion works, but some web clients may add a space between the semicolon and the next cookie.

"a=1; user=jeff"

So the wildcard rules should be something like this, since you can only have a max of 5 rules:

IF (all match)
Http header...
cookie
is *user=jeff;*
or user=jeff;*
or *user=jeff;
or *user=jeff;*

There has to be a simpler way to accomplish this.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions