This section of the Core Authentication module covers the Persistent Cookie options.
![[Note]](common/images/admon/note.png) |
Note |
|---|---|
|
Two methods are available in OpenAM to configure persistent cookies. The options described here and in Section 2.5, “Authenticating To OpenAM” specify one method. There is also a new module, described in Section 2.2.17, “Hints for the Persistent Cookie Module”. If you want to set up persistent cookies, you are encouraged to use the new module. The options described here have no effect on that module. |
- Persistent Cookie Mode
-
Determines whether users can return to their authenticated session after restarting the browser. When enabled, the persistent cookie can be used to reauthenticate until the persistent cookie expires (as specified by the value of the Persistent Cookie Maximum Time attribute), or until the user explicitly logs out. By default, the Authentication Service uses only memory cookies (expires when the browser is closed).
The client must explicitly request a persistent cookie by adding
iPSPCookie=yesas a parameter to the login URL. OpenAM sets aDProPCookieas described in Section 2.5, “Authenticating To OpenAM”.ssoadm attribute:
iplanet-am-auth-persistent-cookie-mode - Persistent Cookie Maximum Time
-
Specifies the interval after which a persistent cookie expires. The interval begins when the user's session is successfully authenticated. The maximum value is 2147483647 (in seconds, so a bit more than 68 years). The field accepts any integer value less than the maximum.
ssoadm attribute:
iplanet-am-auth-persistent-cookie-time - Persistent Cookie Authentication Level
-
Sets the authentication level used to indicate the level of security associated with the module. The value can range from 0 to any positive integer.
ssoadm attribute:
openam-auth-pcookie-auth-level
