System::Session::set_force_sessions_state¶
Introduced : BIG-IP_v12.0.0
Sets the state for all future iControl SOAP requests whether or not to
force non-default iControl SOAP sessions to be established before SOAP
requests are processed. This will disable the use of the default
session identifier (the username) and force the use of a system
provided identifier received from a call to get_session_identifier.
This is set to STATE_DISABLED by default. Only administrators can set
this value. This was introduced in BIG-IP_v12.0.0 to enable enhanced
protections against CSRF attacks. Any attempts to run a command
without a session will return a “Could not find the iControl session
for error”. Use caution before turning this feature on as it may break
existing SOAP clients, many of which may not establish sessions before
making requests. This will also set the “iControl.ForceSessions” DB
variable to “enable” or “disable” respectively. If modifying the DB
variable directly, restart httpd to make the changes go into effect.
In order tune iControl SOAP sessions to your needs, see:
get_session_identifier: which will return the session ID for a given
session. set_session_timeout: which will set the amount of time a
session will be in effect. set_maximum_sessions: which will set the
maximum number of concurrent user sessions at any given time.
Parameters¶
Parameter | Type | Description |
state | EnabledState | State to allow default sessions for SOAP requests. |
Exceptions¶
Exception | Description |
Common::AccessDenied | Raised if the client credentials are not valid. |
Common::InvalidArgument | Raised if one of the arguments is invalid. |
Common::OperationFailed | Raised if an operation error occurs. |
See Also¶
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.