Tribune

Home » Liferay Portal » English » 6. Portal Framework

Vista Combinata Vista Piatta Vista ad Albero
Discussioni [ Precedente | Successivo ]
toggle
Sathya E
Significance of LOGIN cookie
27 settembre 2013 3.44
Risposta

Sathya E

Punteggio: New Member

Messaggi: 18

Data di Iscrizione: 31 marzo 2009

Messaggi recenti

The LOGIN cookie is getting set to the response after successful authentication of a user. And Liferay stores the userid encoded in that cookie (which can easily decoded using any decoder). I would like to know the impact of removing / modifying this cookie ?

Comments are welcome.

Thanks
Sathya
David H Nebinger
RE: Significance of LOGIN cookie
27 settembre 2013 6.22
Risposta

David H Nebinger

Punteggio: Liferay Legend

Messaggi: 7151

Data di Iscrizione: 1 settembre 2006

Messaggi recenti

You can disable the cookie in portal-ext.properties. You should not change anything that is used by Liferay unless you are willing to dig into all of the code and modify to match the changes you're doing.

Long story short, having a cookie w/ user id doesn't give you a whole heck of a lot. Basically it's used to pre-populate the user name on the login form. Doesn't give you any access, doesn't violate authentication or authorization, etc.

So it's really nothing that you should worry about.
Sathya E
RE: Significance of LOGIN cookie
27 settembre 2013 6.49
Risposta

Sathya E

Punteggio: New Member

Messaggi: 18

Data di Iscrizione: 31 marzo 2009

Messaggi recenti

Thanks David.

Can you give me the property name to be added in portal-ext.properties to disable this.
Sathya E
RE: Significance of LOGIN cookie
27 settembre 2013 7.12
Risposta

Sathya E

Punteggio: New Member

Messaggi: 18

Data di Iscrizione: 31 marzo 2009

Messaggi recenti

The below property should disable the cookies being set for auto-login process. Please confirm if this is right.

session.enable.persistent.cookies=false