Forum Discussion

fredlubrano's avatar
fredlubrano
Icon for Cirrus rankCirrus
Nov 14, 2023
Solved

Custom APM Logon page Access policy evaluation is already in progress for your current session

Hello, I am trying to solve a problem as I am blocked by the following message, When I click on the link '<p>Please register <a href='/register.php'>here</a> if you don't have an account yet.</p>'...
security
  • fredlubrano's avatar
    fredlubrano
    Nov 19, 2023

    Hello, I think I need to take a vacation 🙂 It's just a small irule and a landing URI issue. Fred.

     

     

    when HTTP_REQUEST {
    # Log de début
    log local0. "DĂ©but de traitement de la requĂȘte : [HTTP::uri] avec le referer : [HTTP::header "Referer"]"

    # VĂ©rifiez si l'URI et le referer correspondent Ă  vos critĂšres
    if { [HTTP::uri] equals "/register.php" and [HTTP::header "Referer"] equals "https://ilove.mama.net/my.policy" } {
        
        # VĂ©rifiez la valeur de la variable de session F5 APM
        set policyResult [ACCESS::session data get "session.policy.result"]
        log local0. "session.policy.result = $policyResult"

        # Si la variable de session n'est pas 'allow', supprimez les cookies
        if {$policyResult ne "allow"} {
            log local0. "La condition de session APM est remplie. Suppression des cookies."

            # Supprimez les cookies MRHSession et LastMRH_Session
            HTTP::cookie remove "MRHSession"
            HTTP::cookie remove "LastMRH_Session"
        } else {
            log local0. "La condition de session APM n'est pas remplie. Les cookies ne sont pas supprimés."
        }
    }

    # Log de fin
    log local0. "Fin de traitement de la requĂȘte : [HTTP::uri]"
}

     

     

fredlubrano's avatar
fredlubrano
Icon for Cirrus rankCirrus

Hello Thomas,
first of all, thank you for your prompt response. I am in scenario number 2: my session is in 'pending' status, and I've tried using this iRule, but it results in a 'too many redirects' error. Do you have any suggestions for resolving this issue?
Thanks,
fred

hen HTTP_REQUEST {
    
    if { [HTTP::uri] equals "/register.php" } {
        set landingURI [ACCESS::session data get "session.server.landinguri"]
        set policyResult [ACCESS::session data get "session.policy.result"]


        log local0. "VĂ©rification de l'URI de la requĂȘte : URI=[HTTP::uri], Landing URI=$landingURI, Policy Result=$policyResult"


        if { $landingURI equals "/" and $policyResult equals "not_started" and not [HTTP::cookie exists "MRHSession"] } {
            # Supprimez le cookie MRHSession et redirigez
            HTTP::cookie remove "MRHSession"
            HTTP::redirect "/register.php"

          
            log local0. "Redirection effectuée à cause des conditions remplies : Suppression de cookie MRHSession et redirection vers /register.php"
        }
    }
}

 



fredlubrano's avatar
fredlubrano
Icon for Cirrus rankCirrus
Nov 19, 2023

Hello, I think I need to take a vacation 🙂 It's just a small irule and a landing URI issue. Fred.

 

 

when HTTP_REQUEST {
    # Log de début
    log local0. "DĂ©but de traitement de la requĂȘte : [HTTP::uri] avec le referer : [HTTP::header "Referer"]"

    # VĂ©rifiez si l'URI et le referer correspondent Ă  vos critĂšres
    if { [HTTP::uri] equals "/register.php" and [HTTP::header "Referer"] equals "https://ilove.mama.net/my.policy" } {
        
        # VĂ©rifiez la valeur de la variable de session F5 APM
        set policyResult [ACCESS::session data get "session.policy.result"]
        log local0. "session.policy.result = $policyResult"

        # Si la variable de session n'est pas 'allow', supprimez les cookies
        if {$policyResult ne "allow"} {
            log local0. "La condition de session APM est remplie. Suppression des cookies."

            # Supprimez les cookies MRHSession et LastMRH_Session
            HTTP::cookie remove "MRHSession"
            HTTP::cookie remove "LastMRH_Session"
        } else {
            log local0. "La condition de session APM n'est pas remplie. Les cookies ne sont pas supprimés."
        }
    }

    # Log de fin
    log local0. "Fin de traitement de la requĂȘte : [HTTP::uri]"
}

 

 

  • Lucas_Thompson's avatar
    Lucas_Thompson
    Icon for Employee rankEmployee
    Nov 20, 2023

    OK great! Sounds like you got it worked out.

    This is another situation where APM's weird "Landing URI" type session setup and handling is different than a normal web app.