HTTP Event Order -- Access Policy Manager
Published Jun 26, 2012
Version 1.0Was this article helpful?
Hi Jason,
It's really a great drawing which helped me to understand how APM work and to write my own irules.
I have some comments about it :
Respond with session terminaison page
but to Respond with denial page
VPE Allow condition
. If VPE is not allowed after ACCESS_POLICY_COMPLETED, session is removed so this condition is always true as only valid session are going there.ACL Defined
and Evaluate ACL
must be merge into one with Denied by ACL
, if not denied, ACCESS_ACL_ALLOWED is evaluated even if no ACL is defined.VPE calls irule Event
as VPE can raise this event multiple timesRespond with session terminaison page
Valid existing session
and URI equals APM logout URI (/vdesk/hangup.php3 or /vdesk/my.logout.php3) --> leads to ACCESS_SESSION_CLOSEDDo you agree with these comments? If I am right, is it possible to update the drawing?