For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Aviv's avatar
Aviv
Icon for Cirrus rankCirrus
Nov 07, 2015

APM close session when smart card removed

Hi ! I have published a web application with smartcard authentication by apm. how do i force closing a session on smart card remove?   Thanks,   Aviv Hassidim  
Henrik_Gyllkran's avatar
Henrik_Gyllkran
Icon for Nimbostratus rankNimbostratus
Nov 07, 2015

In normal circumstances the APM doesn't work like that. Once you established a session you're allowed to send traffic until the session ends. What you might be able to do is to create a Per-Request Policy, so that the Access Policy will be verified every time the client sends a rquest. I haven't played around too much with those but I know they don't have all the features of the normal Access Policies, but they might be able to do what you need.