Forum Discussion
MistOpenID Connect as Client and Resource server
Hi All
I am hoping some here can help me ... I am setting up a F5 to act as both OpenID Connect as Client and Resource server however I am now stuck in a auth loop. My session is being deleted before its handed over to to the authoisation server ..
"If the session ID is still changing (4a3b8e96 -> 76933e5c) and the logs show Session deleted (oauth_finished), the F5 is essentially "forgetting" the session because it is failing to hand off the MRHSession cookie, or the policy is explicitly configured to terminate upon finishing the OAuth transaction."
I have tried many variations of using iRule to stop the session ID's changing between the auth server and the authorisation server to ni avail .. I am at my wits end :(
Anyone anble to help? I have logs I will need to sanitise them first that I can upload. These just show that the Auth-ID is created and then the session is deleted before its handed over to VPE that should then send it to sharepoint point app ..
help anyone
1 Reply
- Nikoolayy1
MVP
Maybe you need to focus on why the client does not send the cookie ? Is it a normal web user with a browser in normal not incognito mode ?
The issue you describe sounds not apm one as it is described in the clientles mode article that you can try using:
https://my.f5.com/manage/s/article/K000137617
Also if this is API traffic see
https://techdocs.f5.com/en-us/bigip-16-1-0/big-ip-access-policy-manager-api-protection.html as the API protection mode is newer way than clientles mode.
Other than that 21.1 ads DCR but maybe in your case it will not help as this is dynamic client registration:
