2. Add the OFC Cookie Response configured in step (2) to either OnAuthAccept or OnAccessAccept rule.
3. Add rule to Policy.
On the Client side
Modify the attached SampleOFCConsumer.java as below :
1. Depending upon which Encryption Algorithm is used while configuring OFC cookie response , edit the following variables appropriately :
If using AES Algorithm :
public static final String DEFAULT_TRANSFORMATION = AES_TRANSFORMATION;
public static final String DEFAULT_ALGORITHM = AES_ALGORITHM;
If using DES Algorithm:
public static final String DEFAULT_TRANSFORMATION = DES_TRANSFORMATION;
public static final String DEFAULT_ALGORITHM = TRIPLE_DES_ALGORITHM;
2. In the decrypt() method, update the byte array KEY variable to match the Encryption Key as defined in the Admin UI.
Follow the below steps to convert the string formatted Encryption Key to Byte Array
Step 1 : Copy the value of EncryptionKey from Admin UI==>OFC Cookie Response e.g. : B4578127007497EF8A655E4986D4F63C (see above screenshot)
Step 2 Add space every two characters: B4 57 81 27 00 74 97 EF 8A 65 5E 49 86 D4 F6 3C
Step 3 Append (byte)0x in front of every two character pairs : (byte)0xB4 (byte)0x57 (byte)0x81 (byte)0x27 (byte)0x00 (byte)0x74 (byte)0x97 (byte)0xEF (byte)0x8A (byte)0x65 (byte)0x5E (byte)0x49 (byte)0x86 (byte)0xD4 (byte)0xF6 (byte)0x3C
Step 4 Separate each two character pair using comma: (byte)0xB4,(byte)0x57,(byte)0x81,(byte)0x27,(byte)0x00,(byte)0x74,(byte)0x97,(byte)0xEF,(byte)0x8A,(byte)0x65,(byte)0x5E,(byte)0x49,(byte)0x86,(byte)0xD4,(byte)0xF6,(byte)0x3C
3. Compile the class. Note; the jre/lib should be in the class path.
4. Ensure that the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files patch have been applied to the JRE that is being used.
Testing:
1. Access the protected resource which is configured to return the OFC cookie response and copy the cookie value returned using some script which displays all the response headers :