Policy for Specifying Cookie Persistence in Authentication

book

Article ID: 171186

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

A policy for specifying cookie persistence in authentication is a new feature available starting in SGOS 6.7.3.1.

It's now possible to now control cookie persistence during user authentication. The following CPL action was added:

authenticate.persist_cookies(auto|no|yes)

Please reference the 6.7.3.x Release Notes which can be downloaded at https://support.symantec.com > Downloads > Network Protection (BlueCoat) Downloads - and navigate to the 6.7.3 release notes for the Proxy or Advanced Secure Gateway for more information on this. 

Also, view the "What's New" section in the following article on 6.7.3.1: SGOS 6.7.3.1 (GA)

 

Resolution

The following CPL action was added:

authenticate.persist_cookies(auto|no|yes)

  • auto means that the cookie persistency value configured in the realm will be used.
  • no means that the session cookie will be used in authentication in this transaction.
  • yes means that the persistent cookie will be used in authentication in this transaction.

 

Example

The following example specifies that persistent cookies are used in requests to ‘mycompany’ web pages. Users do not have to log in again on other ‘mycompany’ web pages after the user is already authenticated.

<proxy>
url.host.regex=mycompany authenticate.persist_cookies(yes)


Reference Information:

Visual Policy Manager Reference (6.7.x)

Content Policy Language Reference (6.7.x)