iTP Secure WebServer System Administrators Guide (Version 7.5+)
Ticketing and Tracking Example
To understand how tracking works, consider the following example:
A company called Universal Technology, Inc., has put all its marketing literature on the Web.
Universal Technology does not want to limit access to these files, but it does want to know how
many individuals are looking at each file. It also wants to know which links are accessed most
frequently.
Universal Technology obtains this information by configuring its iTP Secure WebServer to support
anonymous ticketing, a type of ticketing that provides tracking information but no authentication
or authorization.
When the Universal Technology WebServer receives a request for a resource, it generates a ticket
for the user and redirects the user's browser to the same content, but with the ticket inserted in the
URL. The Web client resends the request, this time with the inserted ticket.
The iTP Secure WebServer detects the ticket, validates it to check that it has not been tampered
with and has not expired, and then returns the requested resource (as shown in “Requesting a
Ticket” (page 171)). The request, along with the ticket, is recorded in the server's log file.
Figure 8 Requesting a Ticket
iTP Secure WebServer
Web Client
Internet
No ticket, so...
...iTP Secure WebServer
generates ticket and sends
a redirect to the web client
This time there is
a ticket, so...
...the resource
is returned
URL Request
Redirect to URL with ticket
URL Request, with ticket
Requested Resource
Now the user has received one resource and makes a request for another. The Web client has
retained the user's ticket so it can be reused, as shown in “Using a Ticket” (page 172).
Ticketing and Tracking Example 171