
Authentication cookies in ZScaler & its behaviour

Date: 2020-04-02 17:45:26


 

· All of the redirects sent to Zscaler in the capture belong to one request from the user's browser.
· It takes 900 ms from the first request to the last response received from the actual server. This is a one-time process that every domain has to go through for authentication.

· We cannot insert a cookie in one redirect. We first test whether the browser accepts a cookie by inserting a dummy cookie "_sm_au_d"; if the browser returns the dummy cookie, we know that the browser can store a cookie for this domain and will return it whenever this domain is called.

· Now we start inserting the user's unique cookie "_sm_au_c" and expect that the browser will store it and return it whenever the user accesses the domain, just as it was able to return the dummy cookie.

· From the user's point of view, the user has made only one request to the website. Zscaler manipulates the browser into making two more requests for the website in the back end to do the required authentication. This process is not visible to the user.
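
The probe-then-set exchange described above, modelled from both sides as an added example (not Zscaler's code and not from the original post). Only the cookie names come from the text; the action labels, the token format, the `probed` marker and the `NO_COOKIES` outcome for a browser that blocks cookies are assumptions made for illustration.

```python
import secrets

DUMMY, USER = "_sm_au_d", "_sm_au_c"  # cookie names taken from the text above


class Proxy:
    """Toy proxy side. Token format and the NO_COOKIES outcome are assumptions."""

    def __init__(self):
        self.tokens = {}  # (domain, token) -> user

    def handle(self, user, domain, cookies, probed):
        # `user` stands for the identity already established at gateway login.
        if self.tokens.get((domain, cookies.get(USER))) == user:
            return "FORWARD", {}  # valid per-domain cookie: pass to the origin
        if DUMMY in cookies:
            # The probe came back, so this browser stores cookies for the domain.
            token = secrets.token_hex(16)
            self.tokens[(domain, token)] = user
            return "REDIRECT", {USER: token}
        if probed:
            return "NO_COOKIES", {}  # probe was set but never returned
        return "REDIRECT", {DUMMY: "1"}


class Browser:
    """Toy browser with one cookie jar per domain."""

    def __init__(self, accept_cookies=True):
        self.accept_cookies = accept_cookies
        self.jar = {}

    def fetch(self, proxy, user, domain, max_hops=5):
        trace, probed = [], False
        for _ in range(max_hops):
            sent = dict(self.jar.get(domain, {}))
            action, set_cookies = proxy.handle(user, domain, sent, probed)
            trace.append((sorted(sent), action, sorted(set_cookies)))
            if self.accept_cookies:
                self.jar.setdefault(domain, {}).update(set_cookies)
            if action != "REDIRECT":
                break
            probed = True  # stands in for a marker carried on the redirect URL
        return trace


if __name__ == "__main__":
    proxy, browser = Proxy(), Browser()
    for hop in browser.fetch(proxy, "alice", "example.com"):
        print(hop)
```

Each trace entry lists the cookies the browser sent, the proxy's action, and the cookies it set. A first visit to a domain takes three hops, a repeat visit to the same domain takes one, and a new domain starts the exchange again.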
 
 
The Zscaler service uses the following types of cookies:
  • Gateway cookie: This cookie contains a string that provides login information, including if the user is logged in to the Zscaler service and the number of times the user logged in.
  • Domain cookie: After a user logs in to the Zscaler service, the service sets an additional cookie for each domain to which a user browses. This enables the service to identify which domains a user has visited, so it won’t require the user to log in again. This cookie is set by the ZEN.
  • AUP (Acceptable Usage Policy) cookie: The Zscaler service sets this cookie when a user accepts the AUP. This cookie is set by the ZEN.

The service needs to authenticate users only once, to set the gateway cookie. But you can require users to authenticate more often, based on your business needs.


Original source: https://www.cnblogs.com/zhaoyong631/p/12621095.html
