AltostratusHi All,
We are using APM as oauth client to provide SSO for applications hosted behind LTM, the problem we are facing now F5 is not automatically providing any sign about session timeout, user has to refresh the screen to get the authentication page again
is there anyway to implement the timeout splash same as above for max session timeout ? any hit will be appreciated
AltostratusThere are couple of issues i want to cover. now we are using siteminder and all of these use-case are covered but we have problem when we switch to APM.
APM mode: as oauth client
Thanks for your response and support
EmployeeGreat, thanks for the additional detail.
For both of these, do you know how they operate in your current Siteminder deployment? Does the Siteminder inject javascript timeout warnings or somehow cause the app to refresh or update? Does the app hold a different configuration that causes the redirect? Web apps have various mechanisms to do these kinds of functions, unfortunately there is no "standard way" to do it, so each web app is unique.
AltostratusLucas_Thompson as per our admin siteminder policy server maintain the session based on the activity time timeout will trigger based on last activity time
EmployeeAPM does offer the ability to inject a timeout pop-up into a 3rd party web app, but this feature is part of Portal Access Rewrite, which we don't recommend using for most web apps due to compatibility problems with obfuscated and minified modern web app frameworks.
Because APM can't really "inject pop-up screens" into 3rd party web apps with reasonable reliability, how would you like the system to behave? We have full control over all HTTP requests and responses, so we can redirect users or modify the APM "Your session is timed out" screen.