SESCOOKIE (JANUS DEFINE parameter): Difference between revisions

From m204wiki
Jump to navigation Jump to search
mNo edit summary
mNo edit summary
Line 8: Line 8:
<var>SESCOOKIE</var> cookies are cryptographically designed to be virtually impossible to "fake".  
<var>SESCOOKIE</var> cookies are cryptographically designed to be virtually impossible to "fake".  


If both <var>SESCOOKIE</var> and [[SSLSES]] are specified, the session associated with the <var>SESCOOKIE</var> will be used in preference to the session associated with the SSL session, though these should almost always be the same.  
If both <var>SESCOOKIE</var> and <var>[[SSLSES (JANUS DEFINE parameter)|SSLSES]]</var> are specified, the session associated with the <var>SESCOOKIE</var> will be used in preference to the session associated with the SSL session, though these should almost always be the same.  


<var>SESCOOKIE</var> is valid only for WEBSERV ports.
<var>SESCOOKIE</var> is valid only for WEBSERV ports.

Revision as of 17:32, 28 February 2012

<section begin="desc" />SESCOOKIE cookie -- name session cookie.<section end="desc" />

SESCOOKIE is a parameter on JANUS DEFINE, which defines and sets characteristics of a Janus port. See the List of JANUS DEFINE parameters.

Indicates the name of a cookie that will be used to maintain logical sessions that will be used to perform trusted logins for Janus port users who have just logged in through typical HTTP challenge-response mechanisms or through a $Sir_Login issued during NEWSESCMD processing. This feature reduces the overhead of NEWSESCMD processing by limiting it to logical session establishment time, and it eliminates some of the idiosyncrasies of HTTP challenge-response authentication associated with password changes, whether end-user or system initiated.

SESCOOKIE cookies are cryptographically designed to be virtually impossible to "fake".

If both SESCOOKIE and SSLSES are specified, the session associated with the SESCOOKIE will be used in preference to the session associated with the SSL session, though these should almost always be the same.

SESCOOKIE is valid only for WEBSERV ports.

See also