LTM iRule to manage users sessions (like APM does)

Question

Hi,&nbsp;
A customer of mine would like to implement the same logic of APM session management (done with APM MRHSession cookie) using an LTM iRule to keep track of LTM session cookies.
Once a user logs out explicitly from the application (via a particular URL like /logout.html), LTM would simply invalidate (expire) his LTM session cookie to forbid that the same cookie is reused by another user.&nbsp;
But what about the case of multiple users concurrently logged in into the same application?
Should I keep track of each session id cookie in a TCL array, where i would put username and session cookie associated, but how to manage such array (remove, add new entries in the array)&nbsp;
Would this work?
Do you have an example?&nbsp;
Thanks for your feedback/thoughts.&nbsp;

yann_desmarest · Answer

Hi,&nbsp;
You should have a look at the table command. It allows you to add, modify and delete session information within a session table.&nbsp;
You may also have subtable.&nbsp;
Regards&nbsp;
Yann&nbsp;

Forum Discussion

LTM iRule to manage users sessions (like APM does)

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

APM Manage Session

iRules Change Management

Complex session management

APM sessions broken out by access policy?

BIG-IQ - management interface SSL certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS