zoukankan      html  css  js  c++  java
  • Authentication cookies in ZScaler & its behaviour

     

    ·         All the redirects in the capture sent to zscaler are for one request from user browser.
    ·         It take 900ms from the first request to the last response received from actual server. This is a onetime process that all domain have to go through for authentication.
     
    ·         We cannot insert a cookie in one redirect. We first test whether it accepts a cookie by inserting a dummy cookie "_sm_au_d", and if the browser returns back the dummy cookie then we know that Browser can store a cookie for this domain and return this cookie whenever this domain is called.
     
    ·         Now we start inserting Users unique cookie "_sm_au_c" and expect that this cookie will be stored by the browser and whenever user accesses the domain browser will return the cookie as well as it was able to return the dummy cookie.
     
    ·         User has made only one request to the Website from the User point of view. Zscaler is manipulating the browser to make two more requests for the website in the back-end to do required authentication. This process is not visible to user.
     
     
     
     
     
     
    The Zscaler service uses the following types of cookies:
    • Gateway cookie: This cookie contains a string that provides login information, including if the user is logged in to the Zscaler service and the number of times the user logged in.
    • Domain cookie: After a user logs in to the Zscaler service, the service sets an additional cookie for each domain to which a user browses. This enables the service to identify which domains a user has visited, so it won’t require the user to log in again. This cookie is set by the ZEN.
    • AUP (Acceptable Usage Policy) cookie: The Zscaler service sets this cookie when a user accepts the AUP. This cookie is set by the ZEN.

    The service needs to authenticate users only once, to set the gateway cookie. But you can require users to authenticate more often, based on your business needs.

  • 相关阅读:
    非局部均值(NL-means)
    图像对比度的理解
    汇编语言之计算器设计
    基于DnCNN模型的图像去噪论文详解(Beyond a Gaussian Denoiser: Residual Learning of Deep CNN for Image Denoising)
    P2024 [NOI2001]食物链(洛谷)
    P2256 一中校运会之百米跑(洛谷)
    P1037 产生数(洛谷)
    Java 换行和回车
    html 一些常用字符
    update
  • 原文地址:https://www.cnblogs.com/zhaoyong631/p/12621095.html
Copyright © 2011-2022 走看看