HAProxy community

Limit based on cookie combination

I am hosting a 3rd party website where I would like to limit the maximum logins for a user. I could not find a solution in the 3rd party so I thought I would give it a try if it is possible using HAProxy.

When the user logs in, there will be couple of cookies set up that I think might be useful for this.

  • loggedin_user=username
  • loggedin_session_id=httpsessionid

The session ID changes if I login using an other browser, so I am thinking if I could store the loggedin_user/loggedin_session_id pair and if multiple pairs appear I could send out a http error or serev a static session limit reached html or something.

Would this solution be possible with HAProxy? And if yes any hint would be appreciated.
I tried to check stick-table but could not really figure out how it would work in this scenario.

Many thanks,
TZ