Last Modified: Dec 07, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6
Opened: Jun 20, 2022 Severity: 3-Major
Users are unable to logout from OWA.
Clicking the OWA 'Sign out' button will do nothing other than showing this message: "To finish signing out, please close all open browser windows." That means APM cookies will not be automatically deleted and session will still be active.
BIG-IP is configured with kerberos SSO against the exchange server. Users try to use the OWA "Sign out" button.
Any one of these will mitigate the issue: -- Send a request to "/owa/logoff.owa" will help complete the sign out process on the client and initiate the logout on APM side. -- Close the browser to clear out APM cookies on the client side (session will remain active on APM). -- Configure FBA authentication for OWA on Exchange server and client initiated form based SSO on APM
None