CirrusExchange 2013 Timeout using Forms-Based-Authentication
We are using F5 LTM and APM to proxy our OWA connections to Exchange 2013. Everything is working fine except the session inactivity timeouts. My sessions are not timing out. We are using the following irule from the Deployment guide. If a session is left at the login prompt, it times out fine, but if the user does not interact with the session, it is not timing out. We would like it to timeout in 15 minutes, internally and externally. Any help would be appreciated.
when RULE_INIT {
set static::cookie_sessionid [format "sessionid=null; path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;"]
set static::cookie_cadata [format "cadata=null; path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;"]
set static::cookie_usercontext [format "UserContext=null; path=/; Expires=Thurs, 01-Jan-1970 00:00:00 GMT;"]
}
when ACCESS_SESSION_STARTED { if { [string tolower [HTTP::uri]] contains "ua=0" } { ACCESS::session remove } }
when ACCESS_ACL_ALLOWED { set apm_mrhsession [HTTP::cookie value "MRHSession"] if { [table lookup $apm_mrhsession] == "EXCHANGE_LOGOUT" } { ACCESS::session remove table delete $apm_mrhsession } }
when HTTP_REQUEST { set isset 0 if {[string tolower [HTTP::uri]] starts_with "/owa" } { if {[string tolower [HTTP::uri]] contains "logoff" } { ACCESS::session remove HTTP::respond 302 Location "https://[HTTP::host]/vdesk/hangup.php3" "Set-Cookie" $static::cookie_sessionid "Set-Cookie" $static::cookie_cadata "Set-Cookie" $static::cookie_usercontext } else { if { [string tolower [HTTP::uri]] contains "ua=0" } { set mrhsession [HTTP::cookie value "MRHSession"] set isset 1 } } } }
when HTTP_RESPONSE { if { $isset == 1 } { if { $mrhsession != "" && [HTTP::status] == 440 } { table set $apm_mrhsession "EXCHANGE_LOGOUT" return } } }