cookies - login vs. session

What's the difference between a Login Cookie and a Session Cooke Path?

What's that cookie in my browser from? 

 

Thanks,

Laura

  • 0
  • 0
  • 1605
  • 3
  • 2

Answers

Laura, this is a conversation about CACHÉ and related topics.

I am not sure your questions belong here.

Unless I am missing something here?

nope.  i'm talking about Cache web applications. There are two properties onthe web application page: Loging Cookie, and Session Cookie Path.  The Session cookie path is a path.  We set all of our applications to use the same session cookie path. We do not have the Login Cookie option set.  So, presumably all of our applications use the same (cache) authentication because of the session cookie path.

 

Jsut wondering what would happed if I check that little Login COokie Path box.

 

I also see cookies in my browser, with the same session ID as some of my CSP sessions. Wondering what that cookie is.  Not a login cookie?

 

Thanks,

Laura

  • Session Cookie Path - Scope of the session cookie. This determines which URLs the browser uses to send the session cookie back to Caché. If your application name is myapp, it defaults to /myapp/ meaning it only sends the cookie for pages under /myapp/. If you restrict this to only what is required by your application, it prevents this session cookie being used by other CSP applications on this machine, or from being seen by any other application on this web server. On the other hand, browsers and cookies are case sensitive. Setting the session cookie to '/' can prevent license or session problems if, for example, an application name changes from capital to lowercase letters.
  • Login Cookies hold information about the most recently logged-in user. If you want to keep your users from having to log in too often, but you want your applications to remain distinct and unconnected, use Login Cookies.

AH.  IF we use cookies, they will be stored in the Session Cookie Path.  We don't, but the Application must use at least the one login cookie to pass authentication between applications.  I can see it in my browser, and it's called CSPSESSIONID +other stuff.  

I'm thinking that this login cookie would be used somehow if the Login Cookie is selected? Or not used?  We don't want that either-- we like the continuity between applications. But, what does happen if the Login Cookie is selected in the web application?

 

What could we store in a cookie?  Can we possibly find out if a second tab has been opened by using a cookie?

IF we use cookies, they will be stored in the Session Cookie Path.

Cookie has a property named path. Whed browser determines, does the cookie apply to a current page, it checks if the cookie path is less or equal to current URL.

I'm thinking that this login cookie would be used somehow if the Login Cookie is selected? Or not used? 

It would be used, if checked.

what does happen if the Login Cookie is selected in the web application?

Login Cookies hold information about the most recently logged-in user. If you want to keep your users from having to log in too often, but you want your applications to remain distinct and unconnected, use Login Cookies. For Login Cookies, place each application in a separate session. Then authentication is shared only when an application is entered for the first time. Login Cookies applications do not form a group. So after login, changes in authentication in one application do not affect the other applications. Documentation.

What could we store in a cookie? Can we possibly find out if a second tab has been opened by using a cookie?

You can store text values in cookie. I suggest you read wiki article on them.