Cookies

An Oracle Health Insurance application is accessed by users through a browser. BecauseOracle Health Insurance applications use session cookies to manage user sessions, cookies must be enabled in the browser. Consult the browser’s documentation to configure the use of cookies.

The JSESSIONID session cookie contains the session ID generated for a user to manage data associated with the user’s session. A unique session ID is generated when a user successfully logs into the Oracle Health Insurance application. The session ID is generated by the JEE server and passed to a browser as a non-persistent cookie. The browser retains it for the duration of the session, and deletes it when the user logs out or the session times out. During a session, when a browser issues a request back to the application server, it sends the session cookie in the HTTP header of the request. Requests that do not contain valid session IDs are not processed by the server.

Note that cookies must be properly secured to prevent session stealing. See the WebLogic Documentation for options.