Forum Discussion

Maudigan's avatar
Maudigan
Icon for Altocumulus rankAltocumulus
Feb 23, 2024

Access Page without resetting the session timer

I'm asking this question with the assumption that F5 is storing some kind of session timer, and resetting it each time the user makes an HTTP request.

My application will have it's own session timer, set to be shorter than the F5. This is so I can pause their input progress in a friendly way to tell them they need to reauthenticate before F5's session ends and possibly makes them lose progress on their work.

Our server will the the authoritative source of the users session time. The front end javascript will callback to an API on the server to resynchronize it's session time with the server. It will do this on an interval.

Based on my assumptions, each one of those synchronize requests would cause the F5 session timer to reset. Since this requested is an automated process and not triggered by a user request, that session timer resetting is an undesirable side effect.

 

Long explanation for a short question: How can I make my resynchronize calls to the server without causing the F5 to reset it's session time. Ideally these requests would still have the users EDIPI in the header. Is this possible?

  • Just to clarify, I'm talking about two different session timers. My JS requests are to synchronize the session timer between the front and back end of MY application. I want to prevent those requests from resetting the F5's session timer.

  • These replies have been moved.