Skip to content

Commit 975e368

Browse files
ttorblettorble
authored
Merge pull request #288955 from jaesoni/multi-cookie
Multi cookie
2 parents 02ebc91 + a92d8e5 commit 975e368

File tree

4 files changed

+127
-85
lines changed

4 files changed

+127
-85
lines changed

articles/application-gateway/application-gateway-secure-flag-session-affinity.md

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
---
2+
title: Setting HTTPOnly or Secure flag for Session Affinity cookie
3+
titleSuffix: Azure Application Gateway
4+
description: Learn how to set HTTPOnly or Secure flag for Session Affinity cookie
5+
services: application-gateway
6+
author: jaesoni
7+
ms.service: azure-application-gateway
8+
ms.topic: how-to
9+
ms.date: 10/22/2024
10+
ms.author: jaysoni
11+
---
12+
13+
# Setting HTTPOnly or Secure flag for Session Affinity cookie
14+
In this guide you learn to create a Rewrite set for your Application Gateway and configure Secure and HttpOnly [ApplicationGatewayAffinity cookie](configuration-http-settings.md#cookie-based-affinity).
15+
16+
17+
## Prerequisites
18+
* You must have an Azure subscription. You can create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
19+
* An existing Application Gateway resource configured with at least one Listener, Rule, Backend Setting and Backend Pool configuration. If you don't have one, you can create one by following the [QuickStart guide](quick-create-portal.md).
20+
21+
## Creating a Rewrite set
22+
23+
1. Sign in to the Azure portal.
24+
1. Navigate to the required Application Gateway resource.
25+
1. Select Rewrites in the left pane.
26+
1. Select Rewrite set.
27+
1. Under the Name and Association tab
28+
1. Specify a name for this new rewrite set.
29+
1. Select the routing rules for which you wish to rewrite the ApplicationGatewayAffinity cookie's flag.
30+
1. Select Next.
31+
1. Select "Add rewrite rule"
32+
1. Enter a name for the rewrite rule.
33+
1. Enter a numeric value for Rule Sequence field.
34+
1. Select "Add condition"
35+
1. Now open the "If" condition box and use the following details.
36+
1. Type of variable to check - HTTP header
37+
1. Header type - Response header
38+
1. Header name - Common header
39+
1. Common header - Set-Cookie
40+
1. Case-sensitive - No
41+
1. Operator - equal (=)
42+
1. Pattern to match - (.*)
43+
1. To save these details, select **OK**.
44+
1. Go to the **Then** box to specify action details.
45+
1. Rewrite type - Response header
46+
1. Action type - Set
47+
1. Header name - Common header
48+
1. Common header - Set-Cookie
49+
1. Header value - {http_resp_Set-Cookie_1}; HttpOnly; Secure
50+
1. Select **OK**
51+
1. Select Update to save the rewrite set configurations.
52+
53+
54+
## Next steps
55+
[Visit other configurations of a Backend Setting](configuration-http-settings.md)

0 commit comments

Comments
 (0)