Preservation of cookie names

By default, WebSEAL modifies the name of cookies returned in responses from back-end applications across multiple junctions created with the -j option, or listed in the junction mapping table. WebSEAL creates unique cookie names to prevent possible naming conflicts with cookies returned across other -j junctions.

WebSEAL adds a special string to the beginning of the name attribute of a Set-Cookie header. The string contains the identifier AMWEBJCT, plus the name of the specific junction responsible for delivering the response (with cookie).

AMWEBJCT!jct-name!

For example, if a cookie with the name, ORDERID, arrives across a junction called /jctA, the cookie name is changed to:

AMWEBJCT!jctA!ORDERID

However, if front-end browsers and applications depend on the specific cookie name generated by the application, we can disable cookie-renaming for:

• All cookies across any junction configured with the -n option.
• Specific cookies, configured in the [preserve-cookie-names] stanza of the WebSEAL configuration file, across all junctions.

• Preserving names of all cookies
  
• Preserving names of specified cookies
  We can list the names of specific cookies that are not to be modified when returned from back-end application servers across junctions.

Parent topic: Handling cookies from servers across multiple -j junctions