Bug ID 475682: APM OAM should be sending a single Cookie header with the cookies delimited by semi-colon.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.1 HF6, 11.4.1 HF9

Opened: Aug 15, 2014
Severity: 3-Major

Symptoms

Authentication with OAM ObSSOCookie failed after the mutiple cookies added by APM EAM module was sent with a comma delimiter to separate them. EAM should be making a single Cookie header with the cookies delimited by semi-colon.

Impact

Authentication with OAM ObSSOCookie fails and user is required to authenticate again with credentials.

Conditions

Authentication with OAM ObSSOCookie fails after multiple cookies added by APM EAM module are sent with comma delimiter to separate them.

Workaround

no workaround

Fix Information

EAM used to send multiple cookies headers in HTTP message. Multiple HTTP headers like this are treated as comma-separated by some receivers. Now EAM adds a single Cookie header with the cookies delimited by semi-colon.

Behavior Change