WEBLOGCOOKIE (JANUS DEFINE parameter): Difference between revisions
mNo edit summary |
m (1 revision) |
(No difference)
|
Revision as of 23:19, 28 February 2012
<section begin="desc" />WEBLOGCOOKIE cookie-name -- log user with web cookie id.<section end="desc" />
WEBLOGCOOKIE is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port. See the List of JANUS DEFINE parameters.
This parameter indicates that, for public URLs, Janus Web should log the user in with the userid specified by cookie-name. Normally, all public URL logins use the default public userid (usually WEBUSER). This parameter simply allows applications to set their own public userids. One way to do this is with the Janus Web API function $Web_Set_Cookie.
If you specify the WEBLOGCOOKIE parameter, use caution if you also use the WEBPUBLOG parameter. WEBPUBLOG logins use CCASTAT or an external authorizer for public logins, therefore if a login cookie specifies a userid which has system privileges, a security breach is possible. For this reason, use of WEBLOGCOOKIE with WEBPUBLOG is not recommended, but it is not explicitly prohibited.
Note that some browsers do not support cookies (though most do) and end-users can turn off support of the cookies feature. An end-user using a browser that does not support cookies or has their support turned off will be logged in using the default public userid (usually WEBUSER).
Public logins that use a WEBLOGCOOKIE cookie will participate in web logging.
Valid only for WEBSERV ports.