Authentication cookies in ZScaler & its behaviour

Posted zhaoyong631


 

  • All the redirects to Zscaler in the capture come from a single request made by the user's browser.
  • It takes 900 ms from the first request to the last response received from the actual server. This is a one-time process that every domain has to go through for authentication.
  • We cannot insert a cookie in one redirect. We first test whether the browser accepts a cookie by inserting a dummy cookie, "_sm_au_d". If the browser returns the dummy cookie, we know that the browser can store a cookie for this domain and will return it whenever this domain is called.
  • We then insert the user's unique cookie, "_sm_au_c", and expect the browser to store it and return it whenever the user accesses the domain, just as it returned the dummy cookie.
  • From the user's point of view, only one request has been made to the website. Zscaler manipulates the browser into making two more requests for the website in the background to perform the required authentication. This process is not visible to the user.
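
The three-request sequence described above, simulated as an added example (not Zscaler's code and not part of the original post). The cookie names come from the post; the `_probe` URL marker, the 403 fallback, the fixed user "alice" and the in-memory `SESSIONS` store are assumptions made for the illustration.

```python
import secrets

DUMMY, AUTH = "_sm_au_d", "_sm_au_c"  # cookie names given on the page
PROBE = "?_probe=1"                   # assumed marker: "dummy cookie already sent"
SESSIONS = {}                         # issued _sm_au_c value -> user (constructed store)

def proxy(url, cookies, user="alice"):
    """Decide one response; returns (status, cookies_to_set, redirect_location)."""
    origin = url.split("?")[0]
    if cookies.get(AUTH) in SESSIONS:
        return 200, {}, None                      # known user: forward to the real server
    if DUMMY in cookies:
        # The dummy came back, so the browser stores cookies for this domain.
        token = secrets.token_urlsafe(16)         # unguessable per-user value
        SESSIONS[token] = user
        return 302, {AUTH: token}, origin
    if url.endswith(PROBE):
        # Dummy was sent on the previous hop and not returned: stop, do not loop.
        return 403, {}, None
    return 302, {DUMMY: "1"}, origin + PROBE      # first hop: test with the dummy only

def browse(domain, accept_cookies=True, max_hops=5):
    """Simulated browser: follows redirects for one user request, returns (statuses, jar)."""
    jar, url, statuses = {}, f"http://{domain}/", []
    for _ in range(max_hops):
        status, to_set, location = proxy(url, dict(jar))
        statuses.append(status)
        if accept_cookies:
            jar.update(to_set)
        if status != 302:
            break
        url = location
    return statuses, jar

if __name__ == "__main__":
    print(browse("example.com"))                        # three requests, ends in 200
    print(browse("example.com", accept_cookies=False))  # probe fails, ends in 403
```

With cookies enabled, the one user request becomes three requests (two redirects, then the forwarded response). With cookies blocked, the missing dummy cookie is detected on the second request, so the user's unique cookie is never issued.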
 
 
The Zscaler service uses the following types of cookies:
  • Gateway cookie: This cookie contains a string that provides login information, including if the user is logged in to the Zscaler service and the number of times the user logged in.
  • Domain cookie: After a user logs in to the Zscaler service, the service sets an additional cookie for each domain to which a user browses. This enables the service to identify which domains a user has visited, so it won’t require the user to log in again. This cookie is set by the ZEN.
  • AUP (Acceptable Usage Policy) cookie: The Zscaler service sets this cookie when a user accepts the AUP. This cookie is set by the ZEN.

The service needs to authenticate users only once, to set the gateway cookie. But you can require users to authenticate more often, based on your business needs.
