SSO Cookie Set at User Login | Set By | Description |
---|---|---|
OAM_ID cookie | OAM Server Embedded Credential Collector | When a user attempts to access a protected application, the request comes to the SSO Engine and the controller checks for the existence of the cookie. See Also: 'OAM_ID cookie'. |
OAMAuthnCookie | 11g Webgate | Set by each 11g Webgate that is contacted. Protected by the key known to the respective 11g Webgate and the OAM Server. A valid OAMAuthnCookie is required for a session. Note: If the user accesses applications protected by different 11g Webgates, you will have multiple OAMAuthnCookies. See 'OAMAuthnCookie for OAM Webgates'. |
A domain-based cookie for 10g Webgates is set only when a 10g Webgate is contacted. Protected with keys known to the OAM Server only. One global shared secret key for all Webgates. Note: This cookie enables backward compatibility and inter-operability between Access Manager 11g and older agents. See 'ObSSOCookie for 10g Webgates' | ||
OAM_REQ | OAM Server Embedded Credential Collector | A transient cookie that is set or cleared by the OAM Server if the Authentication request context cookie is enabled. Protected with keys known to the OAM Server only. Note: This cookie is configured as a high availability option to store the state about user's original request to a protected resource while his credentials are collected and authentication performed. See 'OAM_REQ Cookie'. |
OAMRequestContext | 11g Webgate | Set or cleared by the 11g Webgate and protected by the key known to the respective 11g Webgate and the OAM Server. With Internet Explorer browser: --When RequestContextCookieExpTime is not set, OAMRequestContext is a transient cookie. --When RequestContextCookieExpTime is set, the OAMRequestContext cookie expires by the time set using the ' Expires ' directive. This requires a time sync between the client host and Web server host.With all other (non-IE) browsers, when RequestContextCookieExpTime is not set OAMRequestContext expires in 5 minutes by default or by the time set using the ' Max-Age ' directive.See Also: 'OAMRequestContext' |
DCCCtxCookie | Detached Credential Collector | For detached credential collector (DCC)--similar to OAM_REQ created by embedded credential collector (ECC). See 'DCCCtxCookie' |
OHS-host-port | Oracle HTTP Server | Set only when OSSO Agents (mod_osso) are contacted on Oracle HTTP Server (OHS). Protected with the key known to the respective mod_osso agent and the OAM Server. Note: This cookie enables backward compatibility and inter-operability between Access Manager 11g and older agents. See 'mod_osso Cookies'. |
OAM_GITO cookie | OAM Server | Provides backward compatibility and inter-operability between OSSO 10g and Access Manager 11g. The cookie is created by the OAM Server and accessed or modified by the OAM Server or mod_osso agent. See 'mod_osso Cookies'. |
OpenSSO cookie | OpenSSO Proxy | See 'OpenSSO Cookie (iPlanetDirectoryPro)'. |