Nimbostratus
CirrusHi,
iRule event HTTP_REQUEST is triggered before LTM forwards traffic to APM. After the server answers APM is working on the traffic and then HTTP_RESPONSE is triggered before submitting the answer to the client.
If you want to do it with iRules this could look like the following sample. It detects logout request URI but first forwards it to the backend system (so it can terminate application sessions) and then terminates the APM session when backend answers.
i_apm_sap_netweaver_singlelogout
Provides logout detection for SAP Netweaver with APM 11.5.x in Portal Access Mode
when HTTP_REQUEST {
set debug 0
set uri [HTTP::uri]
set host [HTTP::host]
set apm_logout_request 0
if { $debug eq 1 } { log local0.info "HTTP [HTTP::method] request to URL https://${host}${uri}" }
if {$uri ends_with "/irj/servlet/prt/portal/prtroot/com.sap.portal.navigation.masthead.LogOutComponent" } {
if { $debug eq 1 } { log local0.info "SAP Netweaver Logout URI $uri detected. Checking for session..." }
set apm_cookie [HTTP::cookie value MRHSession]
if { $apm_cookie != "" && [ACCESS::session exists $apm_cookie] } {
set apm_state [ACCESS::session data get "session.policy.result"]
if { $debug eq 1 } { log local0.info "Received Cookie MRHSession=$apm_cookie for existing session in state $apm_state" }
set apm_logout_request 1
}
}
}
when HTTP_RESPONSE {
if { $apm_logout_request eq 1 } {
log local0.info "Performing APM session logout for MRHSession=$apm_cookie session in state $apm_state"
ACCESS::session remove -sid $apm_cookie
HTTP::respond 302 noserver Location "https://$host/irj/portal" Connection close Set-Cookie "MRHSession=deleted;path=/;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT" Set-Cookie "LastMRH_Session=deleted;path=/;secure;expires=Thu, 01 Jan 1970 00:00:00 GMT"
event disable all
}
}