Forum Discussion

Stanislas_Piron's avatar
Stanislas_Piron
Icon for Nimbostratus rankNimbostratus
May 18, 2016

LTM+APM session expired detection

Hi,   When deploying APM in SSL VPN mode, a javascript is inserted to webtop and ressources responses to poll /vdesk/timeoutagent-i.php, detect session timeout and redirect to logout URI /vdesk/han...
application delivery
BIG-IP Access Policy Manager (APM)
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Jun 06, 2016

Hi,

To force browser to detect session closed, I wrote the following irule:

when RULE_INIT {
    set static::jscript {}
}

when ACCESS_ACL_ALLOWED {
     Disable the stream filter by default 
    if { [catch {STREAM::disable}] } {log local0. "Streem disable error"}
    set insertJscript 0 
    HTTP::header remove "Accept-Encoding"
    set authenticated 1
}


when HTTP_RESPONSE { 
    if {[info exists authenticated] && ([HTTP::status] == 200) && ([HTTP::header value Content-Type] contains "text")} { 
        set insertJscript 1
        STREAM::expression "@@$static::jscript@"
        STREAM::enable
    }
    if {[HTTP::header exists "Transfer-Encoding"]} {
        HTTP::payload rechunk
    }
}


when STREAM_MATCHED {
     Once we've hit one match, disable the stream filter for the rest of the response
    if { $insertJscript} {
        log local0. "Session Closed detection : Javascript inserted"
        STREAM::disable
    }
}

I imported the following javascript file in Hosted content (named detect_session_close.js):

function detectSessionClosed()
{
    var rq = new XMLHttpRequest();
    rq.open("GET","/vdesk/timeoutagent-i.php",false);
    rq.send(null);
    if (rq.status === 404) {
      window.location.assign("/vdesk/hangup.php3");
    }
}

setInterval( detectSessionClosed, 30000);

It request timeoutagent-i.php every 30 seconds (without extending the APM session) and redirect to logout page if the session is closed.