Forum Discussion
vinocalk
Nov 27, 2013Nimbostratus
APM Citrix tidy session termination
Hi,
I have used the f5.citrix_xenapp_xendesktop.2012_06_27 iApp to migrate remote access to our Citrix Xenapp and Xendesktop environment through F5's running APM and 11.3 HF6. We have kept the C...
Michael_Koyfma1
Cirrus
Storefront always makes a request that ends with Logoff(i.e. /Citrix/Storeweb/Authentication/Logoff) - so you can easily modify the iRule to trap workd "Logoff" instead of "loggedout" and that should solve the issue for you.
vinocalk
Nov 28, 2013Nimbostratus
Michael thanks again. Admittedly I did not dig too deep regarding the Storefront logoff. I have used Chrome Developer Tools and can see what you are talking about. Apologies. Also after the upgrade to Storefront from Web Interface I forgot to re-enable the iRule in question so in fact (after re-enabling it and testing more) my issue is the same with both Web Interface and Storefront. I have tested it again today so here is my issue again (I will try not to waffle this time I hope!):
- The iapp deploys an irule that searches for "loggedout" in a URI and uses this to kill access sessions (irule below so we know we are talking about the same thing)
- Our deployment of both web interface and strorefront has a 20 minute timeout so, as expected the URI is passed that contains "loggedout" (web interface) of "Logoff" (Storefront) after 20 minutes (I modified the irule for Storefront like you said)
- When this happens my access session is killed and my Citrix remote desktop is obviously killed too. My testing today has proved that this is not just idle sessions but sessions that I am very much using! (apologies I previously intimated that it was just idle sessions that this happened too - that was obviously inaccurate of me - the irule logic is obviously not monitoring the idle state)
- I need to work out another solution as this irule is obviously great for monitoring for when a user purposefully clicks logoff from Web Interface \ Storefront but is no good for the above reason. And I personally cannot work out how it is any good for anyone but maybe it is my set-up somewhere else that is at fault?
the irule in question (URI modified for Storefront):
when ACCESS_ACL_ALLOWED {
if {[HTTP::uri] contains "Logoff" } {
after 2000 { ACCESS::session remove}
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects