Forum Discussion

Terrence's avatar
Terrence
Icon for Nimbostratus rankNimbostratus
May 30, 2012

Edge Gateway-OWA 2010 sp2 session timeout and double login page

So I wrote this long post of two issues we are having with the exchange/apm implementation, however it was denied. So heres the coles notes version:         1) double login prompt   ...
microsoft
partner
Terrence's avatar
Terrence
Icon for Nimbostratus rankNimbostratus
May 30, 2012
Point2

 

Thus far the rules have proven wrong. The last one definately removes the session, however the web client never realizes it has timed out, as the requests were from json or xmlrpc of some sort.

 

 

I stole this one from https://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/1086502/APM-Session-Invalidation-Using-ASM.aspx

 

 

Removing the asm piece and adding the HTTP_RESPONSE piece

 

when ACCESS_ACL_ALLOWED {

 

set mrhsession [HTTP::cookie value "LastMRH_Session"]

 

if { [table lookup $mrhsession] == "EXCHANGE_LOGOUT" } {

 

set user_logon [ACCESS::session data get "session.logon.last.username"]

 

set sessionid [ACCESS::session data get "session.user.sessionid"]

 

 

log local0.warn "ASM VIOLATION - Session: $sessionid, User: $user_logon"

 

ACCESS::session remove

 

table delete $mrhsession

 

}

 

}

 

 

when HTTP_RESPONSE {

 

if { [HTTP::status] == 440 } {

 

set mrhsession [HTTP::cookie value "LastMRH_Session"]

 

 

if { $mrhsession != ""} {

 

table set $mrhsession "EXCHANGE_LOGOUT"

 

log local0.warn "OWA Exchange Initiated Timeout - MRHSession: $mrhsession"

 

}

 

}

 

}