Data stored in the SMSESSION Cookie

Article ID: 45705

Products

CA Single Sign On Secure Proxy Server (SiteMinder)

CA Single Sign On SOA Security Manager (SiteMinder)

CA Single Sign-On SITEMINDER

Issue/Introduction

What information is stored in the SMSESSION Cookie?

Environment

Policy Server Version : ANY

Web Agent Version : ANY

Resolution

According to the documentation, the SMSESSION Cookie contains the following:

  ATTR_USERDN. The user's distinguished name.
  ATTR_SESSIONSPEC. The session specification returned from the login call.
  ATTR_SESSIONID. The session ID returned from the login call.
  ATTR_USERNAME. The user's name.
  ATTR_CLIENTIP. The IP address of the machine where the user initiated a request for a protected resource.
  ATTR_DEVICENAME. The name of the agent that is decoding the token.
  ATTR_IDLESESSIONTIMEOUT. Maximum idle time for a session.
  ATTR_MAXSESSIONTIMEOUT. Maximum time a session can be active.
  ATTR_STARTSESSIONTIME. The time the session started after a successful login.
  ATTR_LASTSESSIONTIME. The time that the Policy Server was last accessed within the session.
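
The following is an added example, not code from the SiteMinder documentation or product. It shows how the time and client-IP attributes listed above relate to each other when a consumer of already-decoded attributes judges whether a session is still valid. The dictionary layout, the units (epoch seconds for times, seconds for timeouts), the sample values and the function name evaluate_session are assumptions made for the example.

```python
# Constructed sample of attributes as they might look after an agent has
# decoded the token. Assumed units: epoch seconds for times, seconds for timeouts.
SAMPLE_ATTRS = {
    "ATTR_USERDN": "uid=jdoe,ou=people,dc=example,dc=com",
    "ATTR_SESSIONID": "constructed-session-id",
    "ATTR_CLIENTIP": "192.0.2.10",
    "ATTR_IDLESESSIONTIMEOUT": 900,
    "ATTR_MAXSESSIONTIMEOUT": 7200,
    "ATTR_STARTSESSIONTIME": 1_700_000_000,
    "ATTR_LASTSESSIONTIME": 1_700_003_000,
}

REQUIRED = (
    "ATTR_CLIENTIP",
    "ATTR_IDLESESSIONTIMEOUT",
    "ATTR_MAXSESSIONTIMEOUT",
    "ATTR_STARTSESSIONTIME",
    "ATTR_LASTSESSIONTIME",
)


def evaluate_session(attrs, now, request_ip):
    """Return a list of findings; an empty list means no check failed."""
    missing = [name for name in REQUIRED if name not in attrs]
    if missing:
        # Without these fields the session lifetime cannot be bounded at all.
        return ["missing:" + ",".join(missing)]

    findings = []
    start = attrs["ATTR_STARTSESSIONTIME"]
    last = attrs["ATTR_LASTSESSIONTIME"]

    # Last access must not precede the start, and neither may lie in the future.
    if last < start or now < last:
        findings.append("inconsistent_times")
    # Idle timeout is measured from the last access within the session.
    if now - last > attrs["ATTR_IDLESESSIONTIMEOUT"]:
        findings.append("idle_timeout_exceeded")
    # Maximum timeout is measured from the start of the session.
    if now - start > attrs["ATTR_MAXSESSIONTIMEOUT"]:
        findings.append("max_timeout_exceeded")
    # A cookie presented from a different address than the one recorded at
    # login is worth logging as a possible replay of a copied cookie.
    if request_ip != attrs["ATTR_CLIENTIP"]:
        findings.append("client_ip_mismatch")
    return findings
```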


SESSIONSPEC can only be decrypted by the Policy Server. It contains the following information:

  SessionVersion
  SessionStartTime
  SessionLastTime
  SessionMaxTimeout
  SessionIdleTimeout
  SessionLevel
  SessionId
  SessionIp
  SessionDn
  SessionDirOid
  SessionDirName
  SessionUnivId
  SessionType
  SessionAnonymous
  SessionImpersonatorName
  SessionLoginName
  SessionPersistent
  SessionDrift
  SessionImpersonatorDirName
  SessionAuthContext

 

Additional Information

"When a user in SiteMinder protected realm is authenticated, Web Agent generates an SMSESSION. The SMSESSION Cookie represents a user session.
The SMSESSION contains the following information"

Reference: Session Cookie Management