Forum Discussion

Torijori_Yamamada's avatar
Torijori_Yamamada
Icon for Cirrus rankCirrus
May 11, 2023

Removal Cookies on Client Browser

Hello I'm trying to erase a bunc of cookies which belongs to expired session. Cookies are sending by the servers (CyberArk) and they are session cookies. Here in this scenario the F5 is used as Auth...
application delivery
BIG-IP Access Policy Manager (APM)
cookie
irule
session management
  • Torijori_Yamamada's avatar
    Torijori_Yamamada
    May 17, 2023

    Hello again.

    Apparently, in order to delete a cookie, you have to specify all properties of the subjected cookie which defined at the first place.

    For example:

    HTTP::header insert "Set-Cookie" "CA66666=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/PasswordVault/;SameSite=none;secure;HttpOnly"
Paulius's avatar
Paulius
Icon for MVP rankMVP
May 12, 2023

Torijori_Yamamada This seems like more of a persistence issue rather than the cookie itself being from the server. If you don't have UIE persistence configured and referencing the cookie that CyberArk issues I would start with that first to see if it resolves your issue. The F5 should take the cookie provided by the server and maintain persistence off of that cookie. The following article should get you moving in the right direction.

https://my.f5.com/manage/s/article/K7392

  • Torijori_Yamamada's avatar
    Torijori_Yamamada
    Icon for Cirrus rankCirrus
    May 12, 2023

    Hello

    I suspected it first and tried with single member in pool and there was no change in behavior.