Sun Java System Access Manager 7.1 Administration Guide

Configuring Access Manager to Protect Against Cookie Hijacking

Cookie hijacking refers to a situation where an imposter (a hacker, perhaps using an untrusted application) gains unauthorized access to cookies. When the cookies being hijacked are session cookies, cookie hijacking can potentially increase the threat of unauthorized access to protected web resources, depending on how the system is configured.

Sun documentation provides a technical note entitled “Precautions Against Session-Cookie Hijacking in an Access Management Deployment,” which provides information about precautions you can take against specific security threats related to session-cookie hijacking. See the following document:

Technical Note: Precautions Against Cookie Hijacking in an Access Manager Deployment