Forum Discussion

raZorTT's avatar
Icon for Cirrostratus rankCirrostratus
Dec 18, 2019

Kill an APM session after policy completes successfully



I have a bizarre question


How would I be able to kill an APM session a few seconds after the access policy completes?


I have a max session timeout of 300 (5min) to allow the user to complete the steps of a policy, which is to allow a SAML IdP Chain to occur. Once that has finished, and the SAML assertion is sent to the SP, I want to end the session rather than waiting for it to timeout.


The F5 isn't proxying any applications, it's just helping authenticate.


I had a look at session.max_session_timeout, but it appears that can only be modified in the ACCESS_SESSION_STARTED event.

I also tried ACCESS::SESSION remove in the ACCESS_ACL_ALLOWED and ACCESS_POLICY_COMPLETED events, but that just ends the session right then and there.


Any ideas how it can be done?




  • For anyone wanting to do something similar, I ended up timing out the session using

    ACCESS::session modify -timeout 10

    Which timed out the session after 10 seconds



  • For anyone wanting to do something similar, I ended up timing out the session using

    ACCESS::session modify -timeout 10

    Which timed out the session after 10 seconds

