Session deleted due to user logout request?

Question

Hello. I currently have SAML authentication set up, and it works well most of the time. However, I keep getting the following sporadically:
2014-12-22 13:20:35 
Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20rv%3a31.0)%20Gecko%2f20100101%20Firefox%2f31.0.

2014-12-22 13:20:35  
Received client info - Type: Mozilla Version: 5 Platform: Win7 CPU: WOW64 UI Mode: Full Javascript Support: 1 ActiveX Support: 0 Plugin Support: 1

2014-12-22 13:20:35    
New session from client IP x.x.x.x (ST=/CC=/C=) at VIP x.x.x.x Listener /Common/SAML_SP (Reputation=Unknown)

2014-12-22 13:20:35    
\N: Session deleted due to user logout request.

2014-12-22 13:20:35    
Following rule 'fallback' from item 'SAML Auth' to ending 'Deny'

2014-12-22 13:20:35    
Access policy result: Logon_Deny

2014-12-22 13:21:16    
Session statistics - bytes in: 2036, bytes out: 818

The other thing is, if I try to authenticate directly after that, I will be able to do so successfully. I'm not sure why the session is deleted due to 'user logout request'. Any ideas as to what is happening?

michael_jenkins · Answer

Are you saying the BIG-IP is the IdP or the SP in this instance? (Is the application authenticating against the F5 or is the F5 authenticating against a different identity provider?) &nbsp;
And what does your policy look like in the VPE? Doing any checks that may be failing for some reason?&nbsp;

angel_sosa_veri · Answer

Have you received answer to this issue? How did you resolve it?&nbsp;

vinne73 · Answer

Is there any news on this? I have the same problem. &nbsp;
My BigIP/APM is a SAML SP. I use Shibboleth as IdP. This works 99% of the time. The other 1 procent gives errors. Browsers might show the error "Invalid nonce"&nbsp;
What my logs show:&nbsp;
apmd[13185]: 01490266:7: /Common/UA:UAnet:1f3c043d: ApmD.cpp: 'process_apd_request()': 1815:  ** done with the request processing **
tmm[19269]: 01490501:5: /Common/UA:UAnet:1f3c043d: Session deleted due to user logout request.&nbsp;
Which is not true, the user did not ask for a logout.&nbsp;

vinne73_96575 · Answer

Is there any news on this? I have the same problem. &nbsp;
My BigIP/APM is a SAML SP. I use Shibboleth as IdP. This works 99% of the time. The other 1 procent gives errors. Browsers might show the error "Invalid nonce"&nbsp;
What my logs show:&nbsp;
apmd[13185]: 01490266:7: /Common/UA:UAnet:1f3c043d: ApmD.cpp: 'process_apd_request()': 1815:  ** done with the request processing **
tmm[19269]: 01490501:5: /Common/UA:UAnet:1f3c043d: Session deleted due to user logout request.&nbsp;
Which is not true, the user did not ask for a logout.&nbsp;

youssef1 · Answer

Hi,&nbsp;
Can you tell me if users that encounter this kind of behaviour use MacOS or IOS?&nbsp;
I already encounter this kind of behviour with this users....&nbsp;
regards,&nbsp;

Forum Discussion

Session deleted due to user logout request?

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

This DevCentral Content has been Archived or Deleted

Getting started with a script to delete user APM session(s)

Agility sessions announced

Deleting iApp - Pool and VIPs already gone

Logging of DNS Requests and Responses without a DNS license

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS