Forum Discussion
Cirrocumulususing irules to deliver pages
Hi
I have a VS which is acting as my SSO - its the landing spot for multidomain SSO.
I have a VS (it has ASM applied first) that then goes to another VS (this has APM applied)
I have a irule file with
when HTTP_REQUEST {
switch
"/status/* {
# with
HTTP::respond 200 content
}
I also have
set sid [ACCESS::session sid]
if { $sid == "" } {
how I get here is I browse to auth/status and if I have no valid cookies, then it logs me in. once I log in , I then go to the console and delete the session
but I can still get to auth/status with out the APM saying hey you cookie / session id is invalid.
how can I get irule to force a relogin back in ? and then return to auth/status ?
Why does apm allow me to get there ???
Also I have a per request policy with just does the SSO mapping item and then allow.
very confused
so why not put a back end to it. I want access to the session info
- Nikoolayy1
MVP
The description of your issue is confusing and better edit your question with precise description of the issue.
For the ASM VIP to APM VIP you use Layered VS (https://support.f5.com/csp/article/K54217479) ?
You can also configure the ASM to protect the APM login page, so no one can can click other pages if they have not passed the login page:
https://support.f5.com/csp/article/K13315545
I think that you can use the Per-Request policy to force again a login.
Better review your multy domain config if you think that there are issues as you need to be carefull with profile scope (https://devcentral.f5.com/s/question/0D51T00006j20Ce/v12-apm-profile-scope):
https://clouddocs.f5.com/training/community/iam/html/archived/class7/module1/lab7.html
For to clear APM session with iRule use "ACCESS::session remove"
