Forum Discussion
APM inactivity timeout redirect or notification page for LTM + APM connections
APM already basically does this by redirecting to the hangup page when a session is invalid, if you look closely at the HTTP transactions using httpwatch, httpfox, chrome dev tools, firefox dev tools, fiddler, or a packet capture you can see how it works.
A few notes about it:
-
ACCESS_SESSION_CLOSED isn't tied to a flow, because the session closes asynchronously to network activity, so you can't call any commands that set variables or make any network flows themselves. Basically the only useful thing you can do here is log.
-
You'll have to figure out how you'd like this to work in your environment. APM and/or BIG-IP can basically do anything you want, but you'll have to think in terms of HTTP transactions. A web developer or the application vendor should be able to assist you to determine the best way to handle timeouts for your app. Some web apps are "single page" style like OWA, and some web apps are multiple pages. Most are a mixture.
-
If you want to detect if a session is valid, use something like this where you check for the cookie first in http request, then check the APM session state (I didn't check this so make sure it works for you):
when HTTP_REQUEST {
if { [HTTP::cookie exists "MRHSession"] } {
user gave us a cookie, continue
} else {
user didn't give us any cookie, stop and let APM do its thing
return
}
if { [ACCESS::session exists -state_allow] } {
user does not have valid session.
} else {
user did give us a cookie but session does not exist in allow state
do the expire stuff here
}
}
Experts,
APM - session inactivity - 15mins
Upon reaching 15mins, browser displaying default F5 page - vdesk/hangup.php3
*expectation - upon reaching 15mins, it should redirect to IDP login page
It appears, I have to fine tune below to achieve IDP login page, any pointers / sugesstions on this Irule logic,
inputs appreciated.
when HTTP_REQUEST {
if { ( [HTTP::cookie exists MRHSession] ) and not ( [ACCESS::session exists -state_allow [HTTP::cookie value MRHSession]] ) } {
if { ( [HTTP::uri] ne [ACCESS::session data get session.server.landinguri] ) and not ( [ACCESS::session data get session.server.landinguri] eq "" ) } {
ACCESS::session remove
HTTP::redirect [HTTP::uri]
TCP::close
}
}
}
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com