APM Forms SSO Session Logout Error Page
Good day!
I am trying to get my policy to recognize when the page /Login/LogOff is being accessed. I'm using Forms Based SSO to front-end an application which is working successfully, but when the user selects the "Log Off" button on the application (not the BIG-IP/APM), an error page is being generated.
I am using the iRule:
when ACCESS_ACL_ALLOWED {
if { [HTTP::uri] equals "/Login/LogOff" } {
ACCESS::session remove
ACCESS::respond 302 Location "http://[HTTP::host]" "Set-Cookie" "MRHSession=0; expires=Tuesday, 29-Mar-1970 00:15:00 GMT" "Connection" "Close"
}
}
Error generated:
Access policy evaluation is already in progress for your current session.
You may see this message, if you are using a different browser tab than the one where you started the access policy initially. Please continue to finish your access policy in the previous browser tab, and close this current window immediately.
If you have reached to this message due to some other error, click for creating a new session.
I've also attempted SOL12056, but with limited success. It does infact terminate the session, but does not successfully redirect the user to the login page immediately. There's a delay and the lowest is 1 second.
With the iRule, I've been able to redirect and I've been able to terminate the APM session. But I am unable to do both at the same time.
I've tried a myriad of other iRules and combinations and orders with no additional success.
Thoughts?
Thanks!
If you change the rule to have the redirect logic in the response it will allow the backend application to receive the request and close the session there as well. This will ensure both the app and APM session are closed properly.
when CLIENT_ACCEPTED { ACCESS::restrict_irule_events disable } when HTTP_REQUEST { set logout 0 if {[HTTP::uri]] equals "/Login/logoff"]}{set logout 1} } when HTTP_RESPONSE { if {$logout}{ log local0. "logout-request-URI: local URI [HTTP::host][HTTP::uri] redirect to /vdesk/hangup.php3" HTTP::header replace "Location" "/vdesk/hangup.php3" } }