标签:including from src The int apt type identify his
· All the redirects in the capture sent to zscaler are for one request from user browser.
· It take 900ms from the first request to the last response received from actual server. This is a onetime process that all domain have to go through for authentication.
· We cannot insert a cookie in one redirect. We first test whether it accepts a cookie by inserting a dummy cookie "_sm_au_d", and if the browser returns back the dummy cookie then we know that Browser can store a cookie for this domain and return this cookie whenever this domain is called.
· Now we start inserting Users unique cookie "_sm_au_c" and expect that this cookie will be stored by the browser and whenever user accesses the domain browser will return the cookie as well as it was able to return the dummy cookie.
· User has made only one request to the Website from the User point of view. Zscaler is manipulating the browser to make two more requests for the website in the back-end to do required authentication. This process is not visible to user.
The Zscaler service uses the following types of cookies:
- Gateway
cookie: This cookie contains a string that provides login information,
including if the user is logged in to the Zscaler service and the number
of times the user logged in.
- Domain
cookie: After a user logs in to the Zscaler service, the service sets an
additional cookie for each domain to which a user browses. This enables
the service to identify which domains a user has visited, so it won’t
require the user to log in again. This cookie is set by the ZEN.
- AUP
(Acceptable Usage Policy) cookie: The Zscaler service sets this cookie
when a user accepts the AUP. This cookie is set by the ZEN.
The service needs to authenticate users only once, to set the
gateway cookie. But you can require users to authenticate more often, based on
your business needs.
Authentication cookies in ZScaler & its behaviour
标签:including from src The int apt type identify his
原文地址:https://www.cnblogs.com/zhaoyong631/p/12621095.html
