Browser Cookie IndependenceThe system does not require or interfere with client browser cookies. Domain limited session cookies are sent by the isapi authentication filter as an additional identification mechanism, however, they are not required. Session cookies expire at the end of a browser session and are not stored on a users hard disk. The domain specific session cookie used by the isapi authentication filter consists of a single 128 bit cryptographic MD5 hash and a session identifier. The username and password are not stored in the session cookie. As a domain limited session cookie, it is returned by the browser only to the issuing domain.
Authentication Protocols Communication Protocols table of contents full printable document |
copyright(c) 2003
all rights reserved
sitemap
design - eggworx.com