LTM iRule to manage users sessions (like APM does)

Question

Hi,&nbsp;
A customer of mine would like to implement the same logic of APM session management (done with APM MRHSession cookie) using an LTM iRule to keep track of LTM session cookies.
Once a user logs out explicitly from the application (via a particular URL like /logout.html), LTM would simply invalidate (expire) his LTM session cookie to forbid that the same cookie is reused by another user.&nbsp;
But what about the case of multiple users concurrently logged in into the same application?
Should I keep track of each session id cookie in a TCL array, where i would put username and session cookie associated, but how to manage such array (remove, add new entries in the array)&nbsp;
Would this work?
Do you have an example?&nbsp;
Thanks for your feedback/thoughts.&nbsp;

yann_desmarest · Answer

Hi,&nbsp;
You should have a look at the table command. It allows you to add, modify and delete session information within a session table.&nbsp;
You may also have subtable.&nbsp;
Regards&nbsp;
Yann&nbsp;

Forum Discussion

LTM iRule to manage users sessions (like APM does)

1 Reply

Recent Discussions

Maximum throughput of f5 ltm

Issue on license renewal

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Re: Management Certificate

iControl REST Authentication Token Management

Prepare BIG-IP Central Manager for Automation

Using iControl REST API to manage F5 BIG-IP Advanced Firewall Manager (AFM)

Managing NGINX App Protect WAF for Beginners