- General Security Considerations
- Securing Network Communication
- Preventing Insecure HTTP and LDAP Connections
- Configuring AM Behind a Reverse Proxy
- Configuring CORS Support
- Configuring the Cookie Domain
- Cross-Site Request Forgery (CSRF) Protection
- Securing Administrative Access
- Securing Realms
- Configuring Secrets, Certificates, and Keys
- Features in AM That Use Keys
- Managing the AM Keystore
- Managing Key Aliases and Passwords
- Configuring Secret Stores
- Mapping and Rotating Secrets
- Changing Default Key Aliases
- Securing the Session Cookie
- Additional Cookie Security Considerations
- Securing Sessions
- Understanding Session Termination
- Configuring Account Lockout
- Configuring Session Quotas
- Configuring Client-Based Session Security
- Configuring Authentication Session Whitelisting
- Request Security Considerations
- Protecting Applications
- Setting Up Audit Logging
- About the Audit Logging Service
- Implementing the Audit Logging Service
- Configuring Audit Logging
- Configuring Audit Event Handlers
- Configuring the Trust Transaction Header System Property
- Implementing the Classic Logging Service
- Audit Logging Reference
- Customizing CTS-Based Session Quota Exhaustion Actions
Changing the Name of the Sticky Load Balancing Cookie
By default, the sticky load balancing cookie name is
amlbcookie. Change this value to something that is unique in your environment, and configure the name of the cookie in your load balancers to achieve session stickiness.
Perform the following steps to change the name of the cookie:
Go to Configure > Server Defaults > Advanced.
Change the value of the
com.iplanet.am.lbcookie.nameadvanced server property to the new cookie name.
By default, AM sets the value of the load balancing cookie to the ID of the instance that first responded to a request. You can change it, but we recommend that you keep this configuration when using Web Agents.
For more information, see "To Configure Site Sticky Load Balancing".
Restart AM or the container where it runs.