Forum Discussion
Kevin_Stewart
Oct 19, 2015Employee
If I may add, while a longer timer is definitely the way to go, here's an iRule solution that will extend the SSO_ORIG_URI across access sessions:
when ACCESS_SESSION_STARTED {
if { [HTTP::uri] contains "/F5Networks-SSO-Req?SSO_ORIG_URI" } {
set sid [string range [ACCESS::session sid] [expr [string length [ACCESS::session sid]] -8] end]
table set -subtable SSO ${sid} [findstr [HTTP::uri] "=" 1]
}
}
when HTTP_REQUEST {
if { [HTTP::cookie exists MRHSession] } {
set sid [string range [HTTP::cookie value MRHSession] [expr [string length [HTTP::cookie value MRHSession]] -8] end]
if { ( [HTTP::uri] equals "/" ) and ( [HTTP::cookie exists MRHSession] ) and not ( [ACCESS::session exists -sid [HTTP::cookie value MRHSession]] ) and ( [table lookup -subtable SSO ${sid}] ne "" ) } {
HTTP::respond 302 Location "/F5Networks-SSO-Req?SSO_ORIG_URI=[table lookup -subtable SSO ${sid}]"
table delete -subtable SSO ${sid}
unset sid
}
}
}