For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Oct 17, 2019

F5 APM Session Cookies Doesn't Clear after User Inactivity

F5 APM Session Cookie MRHSession doesn't clear from browser if a user is inactive for more than 49 minutes. We are using a custom iRule to invoke logout uri which will clear APM session cookies (F5_...

BIG-IP Access Policy Manager (APM)

Icon for Nimbostratus rank

Nimbostratus

Oct 25, 2019

In our APM configuration, /login/signout is configured for logout URI. When APM intercepts that call, it clears out the APM cookies form the configuration.

Is there any way I can issue that in above iRule such that APM intercepts and clears session locally and the 302 will redirect the user back to our landing page for login.

Icon for Employee rank

Employee

Oct 25, 2019

Hello, I think you are looking for something like this:

when ACCESS_ACL_ALLOWED {

if { [HTTP::uri] equals "/?cmd=logout" } {

ACCESS::session remove

HTTP::redirect "https://[HTTP::host]"

}

}

https://devcentral.f5.com/s/question/0D51T00006i7P3M/apm-logout-irule

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Academy at AppWorld 2026

DevCentral News

Introducing the F5 AI Assistant for BIG-IP

Technical Articles

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5