We are using ActiveMQ's HTTP transport to connect to brokers hosted in AWS, behind a load balancer.
This transport requires a sticky session (i.e. session affinity) because of the local map of clients in HttpTunnelServlet.clients
AWS's classic load balancer sends sticky session cookies with the max-age attribute:
Whereas AWS's new application load balancer, which supports a web application firewall (WAF), uses the Expires attribute:
As of RFC 6265 both max-age and Expires are valid attributes.