Forum Discussion

Nimbostratus

May 18, 2016

LTM+APM session expired detection

Hi, When deploying APM in SSL VPN mode, a javascript is inserted to webtop and ressources responses to poll /vdesk/timeoutagent-i.php, detect session timeout and redirect to logout URI /vdesk/han...

application delivery

BIG-IP Access Policy Manager (APM)

Stanislas_Piro2

Cumulonimbus

Jun 06, 2016

Hi,

To force browser to detect session closed, I wrote the following irule:

when RULE_INIT {
    set static::jscript {}
}

when ACCESS_ACL_ALLOWED {
     Disable the stream filter by default 
    if { [catch {STREAM::disable}] } {log local0. "Streem disable error"}
    set insertJscript 0 
    HTTP::header remove "Accept-Encoding"
    set authenticated 1
}


when HTTP_RESPONSE { 
    if {[info exists authenticated] && ([HTTP::status] == 200) && ([HTTP::header value Content-Type] contains "text")} { 
        set insertJscript 1
        STREAM::expression "@@$static::jscript@"
        STREAM::enable
    }
    if {[HTTP::header exists "Transfer-Encoding"]} {
        HTTP::payload rechunk
    }
}


when STREAM_MATCHED {
     Once we've hit one match, disable the stream filter for the rest of the response
    if { $insertJscript} {
        log local0. "Session Closed detection : Javascript inserted"
        STREAM::disable
    }
}

I imported the following javascript file in Hosted content (named detect_session_close.js):

function detectSessionClosed()
{
    var rq = new XMLHttpRequest();
    rq.open("GET","/vdesk/timeoutagent-i.php",false);
    rq.send(null);
    if (rq.status === 404) {
      window.location.assign("/vdesk/hangup.php3");
    }
}

setInterval( detectSessionClosed, 30000);

It request timeoutagent-i.php every 30 seconds (without extending the APM session) and redirect to logout page if the session is closed.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)