PingGateway 2024.6

CookieFilter

Manages, suppresses, and relays cookies for stateful sessions. This filter is not currently compatible with stateless sessions.

Usage

{
     "name": string,
     "type": "CookieFilter",
     "config": {
         "managed": [ configuration expression<string>, ... ],
         "suppressed": [ configuration expression<string>, ... ],
         "relayed": [ configuration expression<string>, ... ],
         "defaultAction": configuration expression<enumeration>
     }
}

Properties

"managed": array of configuration expression<strings>, optional

A list of the names of cookies to be managed.

PingGateway stores cookies from the protected application in the session and manages them as follows:

  • Requests with a Cookie header: PingGateway removes managed cookies so that protected applications cannot see them.

  • Responses with a Set-Cookie header: PingGateway removes managed cookies and keeps a copy of them. PingGateway then adds the managed cookies in a Cookie header to future requests that traverse the CookieFilter.

"suppressed": array of configuration expression<strings>, optional

A list of the names of cookies to be suppressed.

PingGateway removes cookies from the request and response. Use this option to hide domain cookies, such as the AM session cookie, that are used by PingGateway but are not usually used by protected applications.

"relayed": array of configuration expression<strings>, optional

A list of the names of cookies to be relayed.

PingGateway transmits cookies freely from the user agent to the remote server, and vice versa.

"defaultAction": configuration expression<enumeration>, optional

Action to perform for cookies that do not appear in one of the above lists. Set to MANAGE, SUPPRESS, or RELAY.

If a cookie appears in more than one of the above lists, it is treated in the following order of precedence: managed, suppressed, relayed. For example, if a cookie is in both the managed and relayed lists, the cookie is managed.

Default: "MANAGE".