Forum Discussion

Snl's avatar
Snl
Icon for Cirrostratus rankCirrostratus
Aug 08, 2019

APM sso cookie caching issue

Folks   need some help , i have VS were using APM SSO for my jboss web application which working fine with kerberous SSO , the problem is this web doesnt hve logout option , user will close the bro...
application delivery
BIG-IP Access Policy Manager (APM)
iRules
Snl's avatar
Snl
Icon for Cirrostratus rankCirrostratus
Aug 12, 2019

Hi Sajid

 

I have seen this irules earlier , my concern is what is the best way to avoid using existing APM session cookie , i am not concern for SSO , user needs re authenticate every time if they close the browser

 

so what is the best way forward here

 

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Aug 13, 2019

    not quite sure what you are looking for now.

     

    the best way to avoid using existing APM session cookies is to not send them from the browser. but if they still exist you have to get them deleted. does iRules can that do that.

     

    what more are you looking for now?

    • Snl's avatar
      Snl
      Icon for Cirrostratus rankCirrostratus
      Aug 14, 2019

      Hi Boneyard

      does below irule will work ?

      #fire irule before main SSO irule to remove last browser used apm session cookie for previous session
 
 
 
when HTTP_REQUEST priority 80 {
 
 if { ([HTTP::uri] == "/") && [HTTP::cookie exists MRHSession ] && [ACCESS::session exists [HTTP::cookie value MRHSession]] }{
 
 HTTP::cookie remove MRHSession }{
 
HTTP::redirect "https://log.abc.com[HTTP::uri]"
 
 }
 
}
    • boneyard's avatar
      boneyard
      Icon for MVP rankMVP
      Aug 18, 2019

      on first glance it seems it will. but the best way to find out is to try, in a test setup would be best.

    • Snl's avatar
      Snl
      Icon for Cirrostratus rankCirrostratus
      Aug 19, 2019

      Thanks Boneyard, will test n let n know