Persistent Cookie
A persistent cookie is one that continues to exist after the web browser is closed, allowing a user to login with a new browser session without having to re-authenticate. The name of the cookie is defined by the com.iplanet.am.pcookie.name property in AMConfig.properties; the default value is DProPCookie . The cookie value is a 3DES-encrypted string containing the userDN, realm name, authentication module name, maximum session time, idle time, and cache time.
To Enable Persistent Cookies
-
Turn on the Persistent Cookie Mode in the Core Authentication module.
-
Configure a time value for the Persistent Cookie Maximum Time attribute in the Core Authentication module.
-
Append the iPSPCookie Parameter with a value of yes to the User Interface Login URL.
Once the user authenticates using this URL, if the browser is closed, they can open a new browser window and will be redirected to the console without re-authenticating. This will work until the time defined in Step 2 elapses.
Persistent Cookie Mode can be turned on using the Authentication SPI method:
AMLoginModule.setPersistentCookieOn().
- © 2010, Oracle Corporation and/or its affiliates