For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

NetWork's avatar
NetWork
Icon for Nimbostratus rankNimbostratus
Dec 23, 2020

iRule to delete the cookies

We have a requirement to delete the SSO cookies after logging out the application. Can someone help if this can be achieved through iRule?
application delivery
BIG-IP
iRules
security
jaikumar_f5's avatar
jaikumar_f5
Icon for Noctilucent rankNoctilucent
Dec 23, 2020

Do you mean the APM session or other SSO cookies, try testing this or feel free to customize if you know the cookie name.

ltm rule remove_logout_cookie {
when HTTP_REQUEST {
  set logging_out 0
  set cookie_names [HTTP::cookie names]
  if {[string tolower [HTTP::path]] ends_with "logout.php" } {
    set logging_out 1
  }
}
 
when HTTP_RESPONSE {
  if { $logging_out == 1 }{
    foreach cookie_name $cookie_names {
	  HTTP::cookie remove $cookie_name
    }
  }
}
}