What information is present in the SMSESSIONSPEC in the SMSESSION cookie.

Document ID : KB000050532
Last Modified Date : 14/02/2018
Show Technical Document Details

Solution:

The SMSESSIONSPEC is an encrypted ticket that contains information related to the user session.

If the session is validated from the Policy Server then session spec will change and the SMSESSION cookie will be changed as well, but in case "SessionGracePeriod" expires, session cookie will be re-computed as per the new key received but the session spec remains the same.

Only the Policy Server knows how to decode the information in the SMSESSIONSPEC.

The data the SMSESSIONSPEC contains are those listed below:

  • SessionVersion
  • SessionStartTime
  • SessionLastTime
  • SessionMaxTimeout
  • SessionIdleTimeout
  • SessionLevel
  • SessionId
  • SessionIp
  • SessionDn
  • SessionDirOid
  • SessionDirName
  • SessionUnivId
  • SessionType
  • SessionAnonymous
  • SessionImpersonatorName
  • SessionLoginName
  • SessionPersistent
  • SessionDrift
  • SessionImpersonatorDirName
  • SessionAuthContext