System::Session::set_force_sessions_state

Introduced : BIG-IP_v12.0.0
Sets the state for all future iControl SOAP requests whether or not to force non-default iControl SOAP sessions to be established before SOAP requests are processed. This will disable the use of the default session identifier (the username) and force the use of a system provided identifier received from a call to get_session_identifier. This is set to STATE_DISABLED by default. Only administrators can set this value. This was introduced in BIG-IP_v12.0.0 to enable enhanced protections against CSRF attacks. Any attempts to run a command without a session will return a “Could not find the iControl session for error”. Use caution before turning this feature on as it may break existing SOAP clients, many of which may not establish sessions before making requests. This will also set the “iControl.ForceSessions” DB variable to “enable” or “disable” respectively. If modifying the DB variable directly, restart httpd to make the changes go into effect. In order tune iControl SOAP sessions to your needs, see: get_session_identifier: which will return the session ID for a given session. set_session_timeout: which will set the amount of time a session will be in effect. set_maximum_sessions: which will set the maximum number of concurrent user sessions at any given time.

Prototype

 set_force_sessions_state(
    in EnabledState state
);

Parameters

Parameter Type Description
state EnabledState State to allow default sessions for SOAP requests.

Return Type

Type Description
void  

Exceptions

Exception Description
Common::AccessDenied Raised if the client credentials are not valid.
Common::InvalidArgument Raised if one of the arguments is invalid.
Common::OperationFailed Raised if an operation error occurs.

See Also

iControl ::
iControl :: System :: Session

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code


Copyright © 1996-2012, F5 Networks, Inc. All rights reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.