hi,For lagacy purpose, I need to create an APM on my VS.I don't understand why but applying any Access Policy on my VS result on an errocode=19 "access denied"The VS is a basic HTTP Virtual server IP xxx.xxx.xx.xxListen adress 80Pool redirecting to a single hostProtocol tcpprotocol client & server tcpHTTP Profile client & server httpVLAN & SNATPOOL DefinedNo Irule, Nor perstence profile When i don't enable the APM the VS is working as expectedI've reduced The Access Policy to the simpliest,Start --> AllowAnd set the SSO Auth Domains - Cookie Options to HTTP Only Any help would be appreciated

This error means that the user's browser: 1- Accessed an APM virtual. 2- Got a 302 to "/my.policy" with a cookie to use for that request. 3- Accessed "/my.policy" without the cookie they just got. Like most web apps, APM's session management relies on cookies. By default APM's cookies have the "secure" flag. To understand the issue more fully you can read about how cookies work, especially read the part about the secure flag: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#block_access_to_your_cookies

Forum Discussion

IVD

Nimbostratus

Oct 05, 2024

APM issue errorcode=19

hi,
For lagacy purpose, I need to create an APM on my VS.

I don't understand why but applying any Access Policy on my VS result on an errocode=19 "access denied"

The VS is a basic HTTP Virtual server

IP xxx.xxx.xx.xx

Listen adress 80

Pool redirecting to a single host

Protocol tcp

protocol client & server tcp

HTTP Profile client & server http
VLAN & SNATPOOL Defined

No Irule, Nor perstence profile

When i don't enable the APM the VS is working as expected

I've reduced The Access Policy to the simpliest,

Start --> Allow

And set the SSO Auth Domains - Cookie Options to HTTP Only

Any help would be appreciated

application delivery

Lucas_Thompson
Oct 07, 2024
This error means that the user's browser:

1- Accessed an APM virtual.

2- Got a 302 to "/my.policy" with a cookie to use for that request.

3- Accessed "/my.policy" without the cookie they just got.

Like most web apps, APM's session management relies on cookies. By default APM's cookies have the "secure" flag.

To understand the issue more fully you can read about how cookies work, especially read the part about the secure flag:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#block_access_to_your_cookies

IVD
Nimbostratus
Oct 05, 2024
More info i've found.

If i test with http://<ip>:80/myressource the APM is working fine
if i test with http://<DNS>:80/myressource the APM is not working
Lucas_Thompson
Employee
Oct 07, 2024
This error means that the user's browser:

1- Accessed an APM virtual.

2- Got a 302 to "/my.policy" with a cookie to use for that request.

3- Accessed "/my.policy" without the cookie they just got.

Like most web apps, APM's session management relies on cookies. By default APM's cookies have the "secure" flag.

To understand the issue more fully you can read about how cookies work, especially read the part about the secure flag:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#block_access_to_your_cookies
- IVD
  Nimbostratus
  Oct 08, 2024
  Thank you it was helpfull,
  
  The issue was with my client application that wasn't accepting the cookie.
  I found out that i should use the Header clientless-mode for my application to be able to authenticate.
  
  Thanks for your help