Question:
What information is stored in the SMSESSION Cookie ?
Environment:
Policy Server Version : ANY
Web Agent Version : ANY
Answer:
SMSESSION Contains following :
- ATTR_USERDN. The user's distinguished name.
- ATTR_SESSIONSPEC. The session specification returned from the login call.
- ATTR_SESSIONID. The session ID returned from the login call.
- ATTR_USERNAME. The user's name.
- ATTR_CLIENTIP. The IP address of the machine where the user initiated a request for a protected resource.
- ATTR_DEVICENAME. The name of the agent that is decoding the token.
- ATTR_IDLESESSIONTIMEOUT. Maximum idle time for a session.
- ATTR_MAXSESSIONTIMEOUT. Maximum time a session can be active.
- ATTR_STARTSESSIONTIME. The time the session started after a successful login.
- ATTR_LASTSESSIONTIME. The time the current session was last accessed.
SESSIONSPEC can only be decrypted by Policy server. It contains following information :
- SessionVersion
- SessionStartTime
- SessionLastTime
- SessionMaxTimeout
- SessionIdleTimeout
- SessionLevel
- SessionId
- SessionIp
- SessionDn
- SessionDirOid
- SessionDirName
- SessionUnivId
- SessionType
- SessionAnonymous
- SessionImpersonatorName
- SessionLoginName
- SessionPersistent
- SessionDrift
- SessionImpersonatorDirName
- SessionAuthContext
Additional Information:
N/A