Forum Discussion

raZorTT's avatar
raZorTT
Icon for Cirrostratus rankCirrostratus
Dec 18, 2019

Kill an APM session after policy completes successfully

Hi,

 

I have a bizarre question

 

How would I be able to kill an APM session a few seconds after the access policy completes?

 

I have a max session timeout of 300 (5min) to allow the user to complete the steps of a policy, which is to allow a SAML IdP Chain to occur. Once that has finished, and the SAML assertion is sent to the SP, I want to end the session rather than waiting for it to timeout.

 

The F5 isn't proxying any applications, it's just helping authenticate.

 

I had a look at session.max_session_timeout, but it appears that can only be modified in the ACCESS_SESSION_STARTED event.

I also tried ACCESS::SESSION remove in the ACCESS_ACL_ALLOWED and ACCESS_POLICY_COMPLETED events, but that just ends the session right then and there.

 

Any ideas how it can be done?

 

Regards,

Simon

  • For anyone wanting to do something similar, I ended up timing out the session using

    ACCESS::session modify -timeout 10

    Which timed out the session after 10 seconds

    cheers

    Simon

1 Reply

  • For anyone wanting to do something similar, I ended up timing out the session using

    ACCESS::session modify -timeout 10

    Which timed out the session after 10 seconds

    cheers

    Simon