Layer 7 Access Management

Tech Tip : CA Single Sign-On : What information is stored in the SMSESSION Cookie

  • 1.  Tech Tip : CA Single Sign-On : What information is stored in the SMSESSION Cookie

    Posted 10-04-2018 05:22 AM

    Question:

     

    What information is stored in the SMSESSION Cookie ?

     

    Environment:

     

    Policy Server Version : ANY

    Web Agent Version : ANY

     

    Answer:

     

    SMSESSION Contains following :

    * ATTR_USERDN. The user's distinguished name.
    * ATTR_SESSIONSPEC. The session specification returned from the login call.
    * ATTR_SESSIONID. The session ID returned from the login call.
    * ATTR_USERNAME. The user's name.
    * ATTR_CLIENTIP. The IP address of the machine where the user initiated a request for a protected resource.
    * ATTR_DEVICENAME. The name of the agent that is decoding the token.
    * ATTR_IDLESESSIONTIMEOUT. Maximum idle time for a session.
    * ATTR_MAXSESSIONTIMEOUT. Maximum time a session can be active.
    * ATTR_STARTSESSIONTIME. The time the session started after a successful login.
    * ATTR_LASTSESSIONTIME. The time that the Policy Sever was last accessed within the session.

    SESSIONSPEC can only be decrypted by Policy server. It contains following information :

    * SessionVersion
    * SessionStartTime
    * SessionLastTime
    * SessionMaxTimeout
    * SessionIdleTimeout
    * SessionLevel
    * SessionId
    * SessionIp
    * SessionDn
    * SessionDirOid
    * SessionDirName
    * SessionUnivId
    * SessionType
    * SessionAnonymous
    * SessionImpersonatorName
    * SessionLoginName
    * SessionPersistent
    * SessionDrift
    * SessionImpersonatorDirName
    * SessionAuthContext

     

    Additional information :
    This has been incorporated into the documentation. Please visit 
    docops.ca.com for your version for updated information


    KB : KB000045705