How much is the max length (in characters) of a SMSession cookie?

Document ID : KB000020795
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

SMSession cookie length is not fixed because the information that it contains vary.

SMSession cookie will generally be between 800 bytes an 1K. Closer to 800 bytes generally speaking.

Solution:

The SMSESSION cookie length is not fixed, it encrypt the following information:

   SM_AGENTAPI_ATTR_USERDN
   SM_AGENTAPI_ATTR_SESSIONSPEC 
   SM_AGENTAPI_ATTR_SESSIONID
   SM_AGENTAPI_ATTR_USERNAME
   SM_AGENTAPI_ATTR_CLIENTIP
   SM_AGENTAPI_ATTR_DEVICENAME
   SM_AGENTAPI_ATTR_IDLESESSIONTIMEOUT
   SM_AGENTAPI_ATTR_MAXSESSIONTIMEOUT
   SM_AGENTAPI_ATTR_STARTSESSIONTIME
   SM_AGENTAPI_ATTR_LASTSESSIONTIME

Ā 

Because this information's length vary, so the SMSession cookie's length vary as well.

SMsession cookie will generally be between 800 bytes to 1K.

Closer to 800 bytes generally speaking. The length of a cookie will be dependent on the info which are in it (user DN for example, last SMSESSION update time etc).

The RFC for HTTP cookies specifies that servers should allocate no less than 4k for an HTTP cookie, so we use this as an upper maximum, but should never get close to that limit.

The SMSESSION cookie is encrypted by the Agent key.