Frequently Asked Interview Questions

What are Cookies?


What are Cookies?
  • Maintains user info on the client machine
  • Only accessible by the user and the cookie provider
  • Maintains the session
  • Types of cookies
SessionCookie
PersistentCookie
SecureCookie - Cookie over SSL

In the SiteMinderenvironment, when your web browser connects to the Web Agent located on the WebServer, the Web Agent needs to have some identification and access level. Youridentification is contained within a small text file, “the cookie.” This allowsthe Web Agent to know who is trying to gain access to certain assets orprograms
An important characteristicof the cookie is that it maintains the session by maintaining the useridentification and access level information for the duration of the session.Referring to the HTTP protocol, one of it’s characteristics is that is has noinherent way to keep state. This means that HTTP itself does not include userdata in it’s effort to connect a web browser to a web server. Going into thedetail of how your web browser is connecting with the web server, theconnection is dependant upon the sending of data packets across the network.HTTP is responsible for getting the data packets between the machines, however,it is SiteMinder that is responsible for managing the identity and access levelof the user. SiteMinder relies on the information contained in the cookie tomanage and secure user access, creating a method that keeps track of a user andtheir access level. Without cookies, there is no way to know if a request isfrom the same user/application.

SiteMinder usesthree types of cookies:
SMSession– A transient cookie that is killed by logging off or closing of the browser.SMSESSION is our session ticket. This cookie is RC2 128bit encrypted, and theencryption key can be changed as often as once an hour.
Persistent– Persists over multiple browser sessions. Can be killed through a log offpage. Stored in a file on your system.
Secure Cookie – The wholecommunications session between browser and web agent is occurs over SSL.Cookies can be session or persistent; however they are encrypted andtransmitted over SSL. The Web Agent must be configured to use SSL for sendingcookies.


Posted by Ramu
Labels:

Most Visited Pages

  • Unable to process SMSESSION cookie
      Unable to process SMSESSION cookie warning in siteminder webagent logs We could see this warning in siteminder web agent logs. user tries ...
  • Policy Server Failover
    Exercise 1 : Policy Server Failover In this exercise, you and a partner will configure your systems for policy server failover. You will cha...
  • Policy Server Failover, Load Balancing and Clustering
    Overview Agent to Policy Server Failover Dynamic Load Balancing Policy Server Clustering Exercise 1: Policy Server Failover Exercise 2: Mult...
  • Policy Server Clustering
    A cluster is a set of servers with dynamic load balancing. Load is dynamically distributed among the servers in a cluster. Trusted hosts can...
  • SQL Interview Questions on JOINS
    <<PREV SQL Interview Questions on JOINS NEXT >> 21. Difference between char and nvarchar / char and varchar data-type? char[(n)...
  • Siteminder Tutorials
    Siteminder Tutorials :: Conceptual Overview N-Tier Architecture Components SiteMinder Overview SiteMinder Components SiteMinder Features Sin...
  • Failover and Load Balancing
    Failover and Load Balancing SiteMinder allows the following failover and load balancing strategies: – Agent topolicy server o Failover...
  • Triggers in SQL
    What is a Trigger? A trigger is a special kind of stored procedure that is invoked whenever an attempt is made to modify the data in the tab...
  • N-Tier Architecture Components
    N-Tier Architecture Components Clients (Browser & Standalone Application) – managesuser (a.k.a. actors) interaction with the applica...
  • Policy Server Services
    Policy Server Services Policy Server directs all of SiteMinder’s services Policy Server’s Services include: – Policy Server o Authe...
Home | Site Index | Contact Us