Forum Discussion

Nimbostratus

May 09, 2014

f5 Access Policy Manager AJAX vs Non-Ajax Request Handling with Authentication

I'm implementing a Single Page Application (Javascript/AJAX Based) leveraging the f5 as the Identity Provider and Service Provider for Single-Sign-On. The Web app sits behind the f5 in Apache, and th...

application delivery

ASM Advanced WAF

BIG-IP Access Policy Manager (APM)

Nimbostratus

May 12, 2014

I'm wondering how in the first place the application manages to passes the policy without 302 support.

Assuming it's not even able do to that because of this(so not a problem of session timeout) you may want to consider the client less mode. If session cookies are not send in the following requests, APM will create a new session for each HTTP request.

when HTTP_REQUEST {
    HTTP::header insert "clientless-mode" 1
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

f5 Access Policy Manager AJAX vs Non-Ajax Request Handling with Authentication

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How APM GET IOS UUID & Andriod MAC

Expired client-certificate

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Floating Ip Problem

Related Content

Double Trouble: Multiple Controllers Handling the Same Kubernetes LoadBalancer Service

Intermediate iRules: Handling Strings

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Intermediate iRules: Handling Lists

AI Security : Prompt Injection and Insecure Output Handling.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS