Forum Discussion

Nimbostratus

8 years ago

F5 APM with specific not all SAML SP initiated connection issue, cause iRule execution fail, TCP reset with F5 Version 12.1.2 HF1

We have a problem with a specific SP initiated SAML request. iRule execution fail Problem details We have F5 APM as a IDP setup. Single IDP with multiple SP. One of the specific SP initi...

application delivery

BIG-IP Access Policy Manager (APM)

LTM

security

nag_54823

Cirrostratus

8 years ago

Hi Jitu,

You need to use either state_allow or state_deny or state_redirect. You should not use all in one.

Example

when HTTP_REQUEST priority 30 { set apm_cookie [HTTP::cookie value MRHSession] if { "[ACCESS::session exists -state_allow -sid $apm_cookie]" } {

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 APM with specific not all SAML SP initiated connection issue, cause iRule execution fail, TCP reset with F5 Version 12.1.2 HF1

AppWorld Berlin iRules Contest!

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

Recent Discussions

Changes to DO and AS3 GitHub - no longer monitored

SSL Forward Proxy, iRules and Client Hello

monitor/healthcheck issue with envoy gateway

Recommendation for Adv. Lab

How to Verify config before loading to F5

Related Content

Proxy Protocol v2 Initiator

Proxy Protocol Initiator

Overview of MITRE ATT&CK Tactic - TA0002 Execution

Accelerate your AI initiatives using F5 VELOS

F5 Partners join our F5 executive team at our first Partner Connect event

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS