Forum Discussion

InnO
Jul 04, 2016

APM - Cookie issue with a mobile app

Hi,

I have a weird issue with a mobile app when trying to connect to a VIP with an APM policy (a SAML global IdP). The app correctly connects the first time, then when reopening the app, it sends an old cookie, and APM answers with the error page "cannot find session".

I captured the traffic to show the cookies sent by the app:

I tried to clear all cookies on the HTTP request, but APM still sends the error page, as it seems the removal occurs after the VIP IdP has already answered. Moreover, I cannot find anywhere in the logs the session specified in the APM logs.

when HTTP_REQUEST {
    if {[HTTP::uri] equals "/myapp"} {
        # Loop through each cookie by name
        foreach cookie [HTTP::cookie names] {
            # Log the cookie name and value
            log local0. "Cookie name: $cookie, Cookie value: [HTTP::cookie value $cookie]"
            HTTP::cookie remove $cookie
        }
    }
}

Is there any way to tell APM to open a new connection and start the policy in this case?

I am running 11.6 HF6.

Thanks, Pascal

4 Replies

  • Hi,

    You need to force the client to remove the APM cookies. More precisely, the client will need to remove SP and IdP related cookies. You can respond with a piece of JavaScript to do this.

    Did you configure a domain cookie in your access profile?

    • InnO
      Thanks for the tip regarding the domain cookie. It appeared that we have other policies with a domain cookie implemented, this may screw the others as authentication and SSO profiles are different... Thanks again, Pascal.
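
Added example, not code from the thread or from F5: a sketch of the JavaScript cleanup suggested in the reply above, showing why the domain cookie question matters. A cookie set with a Domain attribute is only cleared by an expiry that carries the same Domain and Path, so the code emits one expiry per variant. The cookie names, the host `idp.example.com` and all function names are assumptions; take the real names from the capture.

```javascript
// Sample cookie names (assumed); replace with those seen in the capture.
const SAMPLE_NAMES = ["MRHSession", "LastMRH_Session"];

// Host plus its parent domains, e.g. "app.sso.example.com" ->
// ["app.sso.example.com", "sso.example.com", "example.com"].
// Stops before the bare TLD; does not consult the public suffix list.
function domainCandidates(host) {
  // IP literals and single-label hosts cannot carry a Domain attribute.
  if (/^[\d.]+$/.test(host) || host.includes(":")) return [];
  const labels = host.toLowerCase().split(".");
  const out = [];
  for (let i = 0; i + 2 <= labels.length; i++) {
    out.push(labels.slice(i).join("."));
  }
  return out;
}

// One expiry string per (name, path, domain variant). The first entry for
// each name/path has no Domain attribute and clears a host-only cookie.
function expiryCookies(names, host, paths = ["/"]) {
  const expired = "Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0";
  const result = [];
  for (const name of names) {
    for (const path of paths) {
      result.push(`${name}=; ${expired}; Path=${path}`);
      for (const d of domainCandidates(host)) {
        result.push(`${name}=; ${expired}; Path=${path}; Domain=${d}`);
      }
    }
  }
  return result;
}

// Apply the expiries from page script. Returns how many were attempted;
// returns 0 outside a browser (no document object).
function clearInBrowser(names) {
  if (typeof document === "undefined") return 0;
  const list = expiryCookies(names, location.hostname);
  list.forEach((c) => { document.cookie = c; });
  return list.length;
}
```

Script cannot modify cookies flagged HttpOnly; for those, the same strings have to be sent by the server as `Set-Cookie` response headers.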