f5 sharepoint tenacious session issue

Same problem here, SharePoint 2010 with persistent cookies enabled on F5 in order to allow editing in Office. Until solution is found we decided to set timeout to 5 minutes, then added JS code to SharePoint master page to retrieve an image every 4 and half minutes. This resets expiry on persistent cookie for another 5 minutes, cutting down to max 5 minutes chance of someone unauthorized accessing the site on public computer. Still this is a hole that should not be there. I understand users should always click on Sign Out, but that’s not guaranteed. Chances are most of them will close the browser and assume they are logged out. Also, we can’t rely on public computers to be set to delete permanent cookies on browser closing.

Suggestion for permanent solution, assuming session cookies are killed on closing a browser: Create one browser session cookie and one persistent cookie when starting a new session. When browser is closed, session cookie will be deleted. If someone reopens the browser and tries to access the site, F5 should check for both session and persistent cookies. If they don’t match or one is missing, F5 should kill the session.