Forum Discussion
APM logout URI with REDIRECT back to my.policy
Hi, I have APM policy configured to look for Logout URI include link, so that when user clicks the logout button within the app, which matches the APM URI Logout URI link, it will kill the session of the user on the APM.
What I would LIKE to do is, when user actually clicks on logout link and APM kills the session, send the user BACK to the my.policy page (original login page).
Is there a way to do this within APM? Or is this something I must do within iRule? (but then if I do iRule - will the iRule executes faster 302 than the APM has chance to kill the session?)
Thanks for input!
- René_GeileCirrus
Hi,
iRule event HTTP_REQUEST is triggered before LTM forwards traffic to APM. After the server answers APM is working on the traffic and then HTTP_RESPONSE is triggered before submitting the answer to the client.
If you want to do it with iRules this could look like the following sample. It detects logout request URI but first forwards it to the backend system (so it can terminate application sessions) and then terminates the APM session when backend answers.
i_apm_sap_netweaver_singlelogout Provides logout detection for SAP Netweaver with APM 11.5.x in Portal Access Mode when HTTP_REQUEST { set debug 0 set uri [HTTP::uri] set host [HTTP::host] set apm_logout_request 0 if { $debug eq 1 } { log local0.info "HTTP [HTTP::method] request to URL https://${host}${uri}" } if {$uri ends_with "/irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.masthead.LogOutComponent" } { if { $debug eq 1 } { log local0.info "SAP Netweaver Logout URI $uri detected. Checking for session..." } set apm_cookie [HTTP::cookie value MRHSession] if { $apm_cookie != "" && [ACCESS::session exists $apm_cookie] } { set apm_state [ACCESS::session data get "session.policy.result"] if { $debug eq 1 } { log local0.info "Received Cookie MRHSession=$apm_cookie for existing session in state $apm_state" } set apm_logout_request 1 } } } when HTTP_RESPONSE { if { $apm_logout_request eq 1 } { log local0.info "Performing APM session logout for MRHSession=$apm_cookie session in state $apm_state" ACCESS::session remove -sid $apm_cookie HTTP::respond 302 noserver Location "https://$host/irj/portal" Connection close Set-Cookie "MRHSession=deleted;path=/;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT" Set-Cookie "LastMRH_Session=deleted;path=/;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT" event disable all } }
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com