APM close session when smart card removed

Question

Hi !
I have published a web application with smartcard authentication by apm.
how do i force closing a session on smart card remove?&nbsp;
Thanks,&nbsp;
Aviv Hassidim&nbsp;

henrik_gyllkran · Answer

In normal circumstances the APM doesn't work like that. Once you established a session you're allowed to send traffic until the session ends. What you might be able to do is to create a Per-Request Policy, so that the Access Policy will be verified every time the client sends a rquest. I haven't played around too much with those but I know they don't have all the features of the normal Access Policies, but they might be able to do what you need.

boneyard · Answer

i don't believe APM or any software can do this. the problem is how a smartcard is integrated in the OS. it is just a place to store a certificate, probably with a passcode to protect it. it is accessed when a certificate is requested, but that is it. things like removing a smartcard triggers nothing, certainly not APM.&nbsp;
per access request might help, but it might also just assume the card is still there and use a cached version. i have seen that happen with smart cards and it might differ from OS to OS.&nbsp;

Forum Discussion

APM close session when smart card removed

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

Ending an APM session when browser tab is closed

F5 Architecture Track Sessions - AppWorld 2026

Help with upstream prematurely closed!

Remove alerts showing r-series LCD/Dashboard.

MCP Session Affinity With F5 NGINX Plus

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS