Forum Discussion

refra_151287's avatar
refra_151287
Icon for Cirrus rankCirrus
Feb 26, 2017

HTTP Monitor Logout

Hi, we want to monitor HTTP application using login page with dedicated username and password. but we need to ensure that F5 logout after longing and receiving the correct status code, as if F5 didn't logout, the application will lock the account and F5 may not be able to login again. is there any way to accomplish this and let F5 to logout?

 

application delivery
BIG-IP
LTM
monitor

2 Replies

  • domokos_23867's avatar
    domokos_23867
    Icon for Nimbostratus rankNimbostratus
    Feb 26, 2017

    What kind of authentication are you using? Basic Authentication does not support it by default so you need to setup some tricks. See this link for some tips: http://stackoverflow.com/questions/4154187/how-to-logout-user-for-basic-http-authentication I think the best solution would be an external monitor that you can script.

     

    Another popular authentication method nowadays seem to be the JSON WEB TOKEN. See here some intro (the takeaway is that the app has a /logout page and they destroy the tokens). --> https://github.com/dwyl/learn-json-web-tokens. That should be easy you just have to chain the GETs with one to /logout.

     

  • jaikumar_f5's avatar
    jaikumar_f5
    Icon for Noctilucent rankNoctilucent
    Feb 27, 2017

    Hope this would be of use. Health monitor functional categories

     

    From the arguments available, just username & pwd alone can be passed as a part of authentication. Logout is not available.Just mysql, oracle, pop3 have logout.

     

    Also login and logout are sessions related to application,not to http.

     

    Your last resort would be to go with external monitor, where you can create a script and send multiple request with your session ID to logout the session.