F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Sakiy's avatar
Sakiy
Icon for Altocumulus rankAltocumulus
Nov 22, 2022

Remained MRHSession cookie cause login issue to Vmware horizon at 2nd access with MS Edge

We use APM for Horizon PCoIP gateway. We send login credential by POST to login webtop for Horizon VDI. 1st access is always OK. But if it is access 2nd or later times without closing MS edge browse...
event
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Nov 24, 2022

Hi Sakiy,

I always use an iRule to fix APMs rather broken errorhandling if MRHSession cookies from previous APM sessions remain in browser. I believe you could use the very same iRule to fix your problems...

when HTTP_REQUEST {

	# Fixing APMs complains when restart of APM sessions occur....

	if { [HTTP::cookie value "MRHSession"] eq "" } then {

		# APM cookie not present so we do nothing...	

	} elseif {  [ACCESS::session exists -state_allow [HTTP::cookie value "MRHSession"]] } then {

		# APM cookie present and already authenticated. Pass the cookie to APM...		

	} elseif { ( [HTTP::path] starts_with "/public/images/customization/" ) 
			or ( [HTTP::path] starts_with "/saml/sp/profile/post/acs" ) } then {

		# APM cookie present but not authenticated and requesting APM resources which are not hidden by APMs HUD filter. Do nothing...	

	} else {

		# APM Cookie present but not authenticated. Killing existing APM session (if exists) and remove MRHSession cookie from the ongoing request...

		ACCESS::session remove
		HTTP::cookie remove "MRHSession"

	}

}

The iRule simply removes inactive MRHSession cookies from those requests which are not hidden by APMs HUD Filter (aka. Request to APM itself). 

Give it a try...

Cheers, Kai