Java Policy Agents 5.10

Post Data Preservation Cookie Name

The name of the Post Data Preservation cookie. This cookie maintains the security of the data in unauthenticated POST requests. It contains a unique one-time code which is cross-checked against the stored data making it extremely difficult for malicious actors to replay the stored data for other users.

Since Java Agent 5.10, there is the option of creating one cookie for all concurrent PDP requests, or alternatively to have one uniqely named cookie per request.

If you have tests in your environment that make multiple PDP requests to the agent, you may find intermittent failures as browsers can limit how many cookies they handle.

Configure the cookie name as follows:

  • To use one cookie for all concurrent PDP requests to AM, configure as a string. For example, org.forgerock.agents.pdp.cookie.name=cookie-name.

  • To use one cookie for each authentication request to AM, configure as %n before, in the middle, or after a string. When the agent creates the cookie, it substitutes %n for a unique identifier. For example:

    • org.forgerock.agents.pdp.cookie.name=%n

    • org.forgerock.agents.pdp.cookie.name=%n-cookie-name

    • org.forgerock.agents.pdp.cookie.name=cookie-%n-name

    • org.forgerock.agents.pdp.cookie.name=cookie-name-%n

The agent compresses and then signs the cookie.

Property name

org.forgerock.agents.pdp.cookie.name

Aliases

org.forgerock.agents.pdp.cookie.name
  Introduced in Java Agent 5.10.0
  Recognized from AM 7.1

Type

String

Default

PDP_Nonce

Bootstrap property

No

Required property

No

Restart required

No

Local configuration file

AgentConfig.properties

Copyright © 2010-2022 ForgeRock, all rights reserved.