Forum Discussion
Daniel_Varela
Employee
EmployeeAPM How to simulate user session log out
Hi everyone!
I'm trying to close a session using an irule. When the user access to "/logout.do" I would like to close the sessión but like if the user were logged out (not an admin termination). I'm using this irule:
when ACCESS_ACL_ALLOWED {
if { [HTTP::uri] equals "/logout.do" }{
ACCESS::session remove
HTTP::redirect "http://[HTTP::host]"
}
}
At the end I'm redirected to https://myhost/my.logout.php3?errorcode=20 so is a little confuse to the users.
Can any one let me know how to close the session in a clean way?
Than you in advance!
MiLK_MaNNimbostratus
Try this instead:
HTTP::redirect /vdesk/hangup.php3
Daniel_VarelaHi milk_man,
I've tried that but it happens the same. I'm always redirected to an error page.
Looking at LTM log I get this message:
Jul 3 09:31:00 tmm2 err tmm2[10191]: 011f0007:3: http_process_state_prepend - Invalid action EV_SINK_HEADER during ST_HTTP_PREPEND_HEADERS (Client side: vip=/Common/APM_Test_vs profile=http addr=0.0.0.0 port=0 rtdom_id=0 client_ip=X.X.X.X)- Eric_St__JohnRemove the 'ACCESS::session remove' and use the redirect statement that MiLK_MaN mentioned. That should provide a normal user disconnection.
Eric - Daniel_VarelaHi guys!
At the end I used the redirect you tell me but in an HTTP_REQUEST event:
when HTTP_REQUEST {
if { [HTTP::uri] contains "/logout.do" }{
HTTP::redirect "https://[HTTP::host]/vdesk/hangup.php3"
}
}
If I used ACL_ACCESS_ALLOWED event the browser close the session abruptly maybe because it's identifying an attack. - Walter_Kacynski
Cirrostratus
In an ACCESS_ACL_ALLOWED event you must use
ACCESS::respond 302 location [HTTP::host]to avoid the ST_HTTP_PREPEND_HEADERS error.
