Forum Discussion

scsp_177450

Nimbostratus

Apr 16, 2015

Solved

APM Access Policy -- Logout URI include

I have configured SSO and it works nicely except I cant logout!

Attempted defining this entry: Include Logout URI. But it just wont take my parameters.

The logout button points to "" so I entered "/index.php?logout=true". It just refused to accept. Any suggestion is much appreciated. Thanks.

BIG-IP Access Policy Manager (APM)

security

kunjan_118660

Apr 16, 2015

It's a known issue. You may want to use an iRule as work around

when HTTP_REQUEST {
  if { [HTTP::uri] equals "/index.php?logout=true" } {
    HTTP::redirect https://[HTTP::header host]/vdesk/hangup.php3 
  }
}

9 Replies

scsp_177450
Nimbostratus
Apr 16, 2015
It kept saying this: Configuration error: Configured URI (/index.php?logout=true) is not allowed to contain query parameter
kunjan_118660
Cumulonimbus
Apr 16, 2015
It's a known issue. You may want to use an iRule as work around

when HTTP_REQUEST { if { [HTTP::uri] equals "/index.php?logout=true" } { HTTP::redirect https://[HTTP::header host]/vdesk/hangup.php3 } }
- scsp_177450
  Nimbostratus
  Apr 16, 2015
  Hi Kunjan. Thanks. I was using redirect. But I think this is cleaner. It works well. Thanks!
- amolari
  Cirrostratus
  Apr 16, 2015
  IMHO using an irule here is not an equivalent. The session on the backend won't be logged out, only the APM session.
kunjan
Nimbostratus
Apr 16, 2015
It's a known issue. You may want to use an iRule as work around

when HTTP_REQUEST { if { [HTTP::uri] equals "/index.php?logout=true" } { HTTP::redirect https://[HTTP::header host]/vdesk/hangup.php3 } }
- scsp_177450
  Nimbostratus
  Apr 16, 2015
  Hi Kunjan. Thanks. I was using redirect. But I think this is cleaner. It works well. Thanks!
- amolari
  Cirrostratus
  Apr 16, 2015
  IMHO using an irule here is not an equivalent. The session on the backend won't be logged out, only the APM session.
amolari
Cirrostratus
Apr 16, 2015
As written by Kunjan, it's a known issue: query parameter not supported (bug).

Bug 226360 - [APM] Allow Query parameters in “Logout URI Include” field in access profile

hopefully soon fixed

kunjan

Nimbostratus

Apr 16, 2015

As amolari rightfully pointed out it won't remove the back end server session. Can we handle it in the response?

when HTTP_REQUEST {
  if { [HTTP::uri] equals "/index.php?logout=true" } {
    set KO 1
  }
}
when HTTP_RESPONSE {
  if {[info exists KO] and $KO  } {
    HTTP::redirect /vdesk/hangup.php3 
  }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM Access Policy -- Logout URI include

9 Replies

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform AS3 code for GTM Only.

BIG-IP device fails to install node-inspector

WAF Block Request

AST Configuration Assistance

F5 HA deployment in Azure using Azure Load Balancer

Related Content

APM-DHCP Access Policy Example and Detailed Instructions

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

HTTP Event Order -- Access Policy Manager

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS