Skip to content
Was this article helpful?

tm-sessionAction

The following operations can be performed on "tm-sessionAction":

add| rm| set| unset| show|

add tm sessionAction

Creates a session action (profile) that allows you to override global settings for any of the session parameters.

Synopsis

add tm sessionAction <name> [-sessTimeout <mins>] [-defaultAuthorizationAction ( ALLOW | DENY )] [-SSO ( ON | OFF )] [-ssoCredential ( PRIMARY | SECONDARY )] [-ssoDomain <string>] [-httpOnlyCookie ( YES | NO )] [-kcdAccount <string>] [-persistentCookie ( ON | OFF )] [-persistentCookieValidity <mins>] [-homePage <URL>]

Arguments

name

Name for the session action. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. Cannot be changed after a session action is created.

The following requirement applies only to the Citrix ADC CLI: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my action" or 'my action').

sessTimeout

Session timeout, in minutes. If there is no traffic during the timeout period, the user is disconnected and must reauthenticate to access intranet resources. Minimum value: 1

defaultAuthorizationAction

Allow or deny access to content for which there is no specific authorization policy.

Possible values: ALLOW, DENY

SSO

Use single sign-on (SSO) to log users on to all web applications automatically after they authenticate, or pass users to the web application logon page to authenticate to each application individually.

Possible values: ON, OFF Default value: OFF

ssoCredential

Use the primary or secondary authentication credentials for single sign-on (SSO).

Possible values: PRIMARY, SECONDARY

ssoDomain

Domain to use for single sign-on (SSO).

httpOnlyCookie

Allow only an HTTP session cookie, in which case the cookie cannot be accessed by scripts.

Possible values: YES, NO Default value: YES

kcdAccount

Kerberos constrained delegation account name

persistentCookie

Enable or disable persistent SSO cookies for the traffic management (TM) session. A persistent cookie remains on the user device and is sent with each HTTP request. The cookie becomes stale if the session ends. This setting is overwritten if a traffic action sets persistent cookie to OFF. Note: If persistent cookie is enabled, make sure you set the persistent cookie validity.

Possible values: ON, OFF

persistentCookieValidity

Integer specifying the number of minutes for which the persistent cookie remains valid. Can be set only if the persistent cookie setting is enabled. Minimum value: 1

homePage

Web address of the home page that a user is displayed when authentication vserver is bookmarked and used to login.

rm tm sessionAction

Deletes an existing session action.

Synopsis

rm tm sessionAction <name>

Arguments

name

Name of the session action to delete.

set tm sessionAction

Modifies the specified parameters of an existing session action.

Synopsis

set tm sessionAction <name> [-sessTimeout <mins>] [-defaultAuthorizationAction ( ALLOW | DENY )] [-SSO ( ON | OFF )] [-ssoCredential ( PRIMARY | SECONDARY )] [-ssoDomain <string>] [-kcdAccount <string>] [-httpOnlyCookie ( YES | NO )] [-persistentCookie ( ON | OFF )] [-persistentCookieValidity <positive_integer>] [-homePage <URL>]

Arguments

name

Name of the session action to modify.

sessTimeout

Session timeout, in minutes. If there is no traffic during the timeout period, the user is disconnected and must reauthenticate to access intranet resources. Minimum value: 1

defaultAuthorizationAction

Allow or deny access to content for which there is no specific authorization policy.

Possible values: ALLOW, DENY

SSO

Use single sign-on (SSO) to log users on to all web applications automatically after they authenticate, or pass users to the web application logon page to authenticate to each application individually.

Possible values: ON, OFF Default value: OFF

ssoCredential

Use the primary or secondary authentication credentials for single sign-on (SSO).

Possible values: PRIMARY, SECONDARY

ssoDomain

Domain to use for single sign-on (SSO).

kcdAccount

Kerberos constrained delegation account name

httpOnlyCookie

Allow only an HTTP session cookie, in which case the cookie cannot be accessed by scripts.

Possible values: YES, NO Default value: YES

persistentCookie

Enable or disable persistent SSO cookies for the traffic management (TM) session. A persistent cookie remains on the user device and is sent with each HTTP request. The cookie becomes stale if the session ends. This setting is overwritten if a traffic action sets persistent cookie to OFF. Note: If persistent cookie is enabled, make sure you set the persistent cookie validity.

Possible values: ON, OFF

persistentCookieValidity

Integer specifying the number of minutes for which the persistent cookie remains valid. Can be set only if the persistent cookie setting is enabled. Minimum value: 1

homePage

Web address of the home page that a user is displayed when authentication vserver is bookmarked and used to login.

unset tm sessionAction

Use this command to remove tm sessionAction settings.Refer to the set tm sessionAction command for meanings of the arguments.

Synopsis

unset tm sessionAction <name> [-sessTimeout] [-defaultAuthorizationAction] [-SSO] [-ssoCredential] [-ssoDomain] [-kcdAccount] [-httpOnlyCookie] [-persistentCookie] [-persistentCookieValidity] [-homePage]

show tm sessionAction

Displays information about all configured traffic management (TM) session actions, or detailed information about the specified TM session action.

Synopsis

show tm sessionAction [<name>]

Arguments

name

Name of the existing traffic management (TM) session action for which to display detailed information.

Output

sessTimeout

The session timeout, in minutes, set by the action.

defaultAuthorizationAction

The Authorization Action, e.g. allow or deny

stateflag

SSO

Whether or not Single Sign-On is used for this session.

ssoCredential

Use the primary or secondary authentication credentials for single sign-on (SSO).

ssoDomain

Domain to use for single sign-on (SSO).

kcdAccount

Kerberos constrained delegation account name

httpOnlyCookie

Allow only an HTTP session cookie, in which case the cookie cannot be accessed by scripts.

persistentCookie

Enable or disable persistent SSO cookies for the traffic management (TM) session. A persistent cookie remains on the user device and is sent with each HTTP request. The cookie becomes stale if the session ends. This setting is overwritten if a traffic action sets persistent cookie to OFF. Note: If persistent cookie is enabled, make sure you set the persistent cookie validity.

persistentCookieValidity

Integer specifying the number of minutes for which the persistent cookie remains valid. Can be set only if the persistent cookie setting is enabled.

homePage

Web address of the home page that a user is displayed when authentication vserver is bookmarked and used to login.

builtin

Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

feature

The feature to be checked while applying this config

devno

count

Was this article helpful?