Sending session cookies with each request

When we use cookies to maintain session state, the cookie is sent to the browser only once, following a successful login. However, some browsers enforce a limit on the number of in-memory cookies they can store concurrently.

In some environments, applications can place a large number of in-memory cookies per domain on client systems. In this case, any configured WebSEAL session cookie, failover cookie or LTPA cookie can be easily replaced by another cookie.

When configuring WebSEAL to use session cookies, we can additionally set the resend-webseal-cookies stanza entry, located in the [session] stanza of the WebSEAL configuration file. This stanza entry instructs WebSEAL to re-send the session cookie to the browser for all responses to requests that originally contained a session cookie. This action helps to ensure the session cookie remains in the browser memory. The resend-webseal-cookies stanza entry has a default setting of "no":

[session]
resend-webseal-cookies = no

Enable WebSEAL to examine each request for a session cookie and include the cookie in the corresponding response by configuring the stanza entry to "yes".

[session]
resend-webseal-cookies = yes

The resend-webseal-cookies stanza entry produces the same results for failover cookies, e-community cookies and LTPA cookies.

Parent topic: Session cookies